First, you should setup sudo for a standard user account and disable the root account. Having a root account makes it that much easier for a hacker to perform a password hack.
Second, I would check that there are no other accounts that support login on the Edison.
Third, I would move SSH to another port. That further lessens the chance of someone trying to hack the system.
Since you only opened the SSH port, it had to either be a password hack, or some ssh exploit. Is it possible that there is some unpatched exploit in the Edison version of ssh?
I'm not sure SELinux would help that much. It seems like SELinux would maybe help protect the system if an unauthorized user logged into your Edison, but I don't think it helps keep unauthorized users from logging in.
I will look into this as well. I have not had anyone take over my Edison as of yet. Edison is not hardened out of the box. I use SSH on 22, and there are considerations that should be set when looking to harden your configuration.
First thing to do when putting linux board on the net. Disable root logins (you dont need sudo, su is perfectly good in these scenarios!) and then switch over to a non default port.
Would be very interesting to see whats on your FS - could I convince you to upload it?
If you're talking about the owned Edison, sadly, I reimaged it. I debated keeping it around as a research project, etc, but alas... I needed it for a project, and the last place I wanted it was anywhere near my network in its former state.
Perhaps in the future, I'll keep a backup nand copy around for funsies.