Yes, checking source, signatures,chksums of packages is always a good practice. clamav-for virus checking works well ,also rkhunter for rootkit checks ,denyhosts for blocking ssh connections if you do leave port 22 open; and am sure other open source security tools should work well on the IT.