sshd BREAKIN ?

[jdow]

From: "Tang Ho Yim" <hoyimtang at yahoo.com>

>I got a error messages from /var/log/auth.log which is about sshd......
>
>  .....sshd : reverse mapping checking getaddrinfo for core-01.148.rdcw.com failed - 
> POSSIBLE BREAKIN ATTEMPT !
>
>  all my sshd_config is default setting except I have change to "PasswordAuthentication 
> NO , PermitEmptyPasswords NO , and ChallengeResponseAuthentication NO"
>
>  Is that I am being hack ?
>  last command show who is login before but it seem ok....
>  What should I do ?

Somebody is trying; and, that somebody is failing. You need something
akin to "DenyHosts" (which works on tcpwrappers) or one of the other
BSD compatible tools of a roughly similar sort. I'd suggest wandering
through the list archive. In the last month or two we've been over this
before, repeatedly.

{^_^}