Please can anybody assist me explain what is going on in the following log files? Especially lines 12 to 15, is it a prelude to a denial of service attack?

Many thanks

auth.log:

1. Feb 28 08:50:08 bsd55(161.76.125.92) sshd[1117]: error: PAM: authentication error for root from 207.46.198.60
2. Feb 28 08:50:25 bsd55(161.76.125.92) sshd[1120]: Accepted keyboard-interactive/pam for Len from 207.46.198.60 port 2364 ssh2
3. Feb 28 08:51:23 bsd55(161.76.125.92) login: 1 LOGIN FAILURE FROM 207.46.198.60
4. Feb 28 08:51:23 bsd55(161.76.125.92) login: 1 LOGIN FAILURE FROM 207.46.198.60, root
5. Feb 28 08:52:24 bsd55(161.76.125.92) login: login from 207.46.198.60 on ttyp3 as Len
6. Feb 28 08:52:16 bsd55(161.76.125.92) su: Len to root on /dev/ttyp1

Firewall IDS log:

7. 8:53:10. Packet from 161.76.125.92 to 123.28.5.210
8. 8:56:12. Packet from 161.76.125.92 to 123.28.5.210. TFTP request
10. 8:56:28. Series of packets from 123.28.5.210 to 161.76.125.92. TFTP response
11. (no more host log entries)
12. 9:03.17. Packet from 161.76.125.92 to 60.3.4.5. SMTP
13. 9:06:12. Packet from 161.76.125.92 to 60.3.4.5. SMTP
14. 9:10:12. Packet from 161.76.125.92 to 60.0.1.1. TCP SYN=1, Destination Port 80
15. 9:10.13: Packet from 161.76.125.92 to 60.0.1.2. TCP SYN=1, Destination Port 80