If you run a server with SSHD exposed to the internet, chances are that server is being scanned for common username and password combinations. These often appear in the authorization log (/var/log/auth.log) as entries like:
cr:code
Jun 12 13:33:57 localhost sshd[18900]: Illegal user admin from 219.254.25.100
Jun 12 13:37:17 localhost sshd[18904]: Illegal user admin from 219.254.25.100
Jun 12 13:37:20 localhost sshd[18906]: Illegal user test from 219.254.25.100
Jun 12 13:37:22 localhost sshd[18908]: Illegal user guest from 219.254.25.100
</cr:code>
New server is up. It's on a much faster line, and is a little more powerful than the alt154.org server. Please update your links and bookmarks accordingly.
I'm re-writing my blog engine from scratch, and the project needs a name. Would anyone like to suggest one?