Just wanted to add a "me to" story...
A machine I maintain also was broken into this summer by brute forcing ssh
accounts. (Stupid me, I set up a "test" account with an easy password
when doing testing and forgot to take it down when I put it on the
network).
They got into the test account, but my system was up-to date patch wise,
so they weren't manage to get root as far as I could tell, but they did
run an IRC bot which is how I found out about it.
The attacker in my case was from Europe. But we have users of the system
from europe, so the solution is stronger passwords, not blocking IP's.
Vince
