looking at my sysmessages today revealed a dictionary attack to my sshd server:
Code:
28/11/06 13:04:04       [my computer name]      sshd[14268]     Invalid user staff from 
83.27.160.184
28/11/06 13:04:05       [my computer name]      sshd[14270]     Invalid user sales from 
83.27.160.184
28/11/06 13:04:07       [my computer name]      sshd[14272]     Invalid user recruit from 
.....etc.....
28/11/06 13:07:44       [my computer name]      sshd[14606]     Invalid user rpc from 
83.27.160.184
28/11/06 13:07:45       [my computer name]      sshd[14608]     Invalid user gopher from 
83.27.160.184
whois returns:
Code:
% This is the RIPE Whois query server #1.
% The objects are in RPSL format.
%
% Note: the default output of the RIPE Whois server
% is changed. Your tools may need to be adjusted. See
% http://www.ripe.net/db/news/abuse-proposal-20050331.html
% for more details.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html

% Note: This output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '83.27.0.0 - 83.27.255.255'

inetnum:        83.27.0.0 - 83.27.255.255
netname:        NEOSTRADA-ADSL
descr:          Neostrada Plus
descr:          Wroclaw
country:        PL
remarks:        ! - ! - ! - ! - ! - !
remarks:        Contact to ABUSE TP S.A. :
remarks:        abuse@tpnet.pl
remarks:        ! - ! - ! - ! - ! - !
admin-c:        TPHT
tech-c:         HT2189-RIPE
status:         ASSIGNED PA
mnt-by:         TPNET
source:         RIPE # Filtered

role:           TP S.A. Hostmaster
address:        TP S.A.
address:        ul. Nowogrodzka 47A
address:        00-695 Warszawa
address:        Poland
phone:          +48 22 6225182
fax-no:         +48 22 6225182
remarks:        Network problems -> hostmaster@telekomunikacja.pl
remarks:        Abuse and spam notification -> abuse@telekomunikacja.pl
remarks:        DNS problems -> dns@telekomunikacja.pl
remarks:        Routing problems -> registry@tpnet.pl
admin-c:        TK569-RIPE
tech-c:         TK569-RIPE
tech-c:         JS1838-RIPE
nic-hdl:        TPHT
remarks:        ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - !
remarks:        Please send spam and abuse notification only
remarks:        to abuse@telekomunikacja.pl
remarks:        phone: +48 22 8871788
remarks:        ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - !
mnt-by:         TPNET
abuse-mailbox:  abuse@telekomunikacja.pl
source:         RIPE # Filtered

person:         Hostmaster TPSA-CST
address:        Telekomunikacja Polska S.A.
address:        Data Transmission Systems Centre
address:        ISP
address:        POLAND
remarks:        ! - ! - ! - ! - ! - !
remarks:        CALL - CENTER
remarks:        phone: (+48) 800 120811
remarks:        ! - ! - ! - ! - ! - !
phone:          +48 800 120810
fax-no:         +48 22 6225182
remarks:        ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - !
remarks:        Please send spam and abuse notification only to:
remarks:        abuse@tpnet.pl
remarks:        ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - !
nic-hdl:        HT2189-RIPE
mnt-by:         TPNET
source:         RIPE # Filtered

% Information related to '83.0.0.0/11AS5617'

route:        83.0.0.0/11
descr:        TPNET
descr:        for abuse: abuse@tpnet.pl
origin:       AS5617
mnt-by:       AS5617-MNT
source:       RIPE # Filtered
I've banned all inbound traffic from 83.27.0.0 - 83.27.255.255 on my router, I'd advise others to do the same!
Cheers