These types of attacks don't seem directed -- it's more like fishing for unprotected systems. FWIW, changing the ssh port dropped the illegal user attempts to 0 instantly... - ben On Mon, 10 Jan 2005 23:29:10 -0800, Ted Mittelstaedt <tedm at toybox.placo.com> wrote: > If I'm going to attack you I'm going to use nessus to scan all > ports on your machine.