failed password for root from ...
what is with the recent uptick in failed ssh logins everywhere? a few weeks ago, i almost never got emails from the automatic log watchers about these, now i get at least one or two a day, all from different ip addresses. usually they’re attempted root logins, but sometimes they’re attempts to log in as other role accounts (like bin
).
There's a worm going around that does brute force attempts on root/root, test/test, admin/admin and a few others IIRC.