ive been getting this too on both my freebsd boxes, it seems to be an epidemic. i guess its some form of ssh scanner looking for open accounts with no passwords (or easily guessable passwords)? Thanks, Craig >Hi all, >I found similar sequences in the <snip> >165.21.103.20 port 39836 ssh2 >Aug 13 13:56:35 www sshd[26113]: Illegal user test from 165.21.103.20 >Aug 13 14:25:36 www sshd[26485]: Illegal user test from 202.28.120.57 >Aug 13 14:25:41 www sshd[26487]: Illegal user guest from 202.28.120.57 > >What are these? > _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"