I think there is a message for SuSE in these ssh attacks: personally I think it is a bad thing that the out-of-the box sshd_config allows root logins. I believe a good principle to follow is: (1) no network service should run unless the administrator has explicitly enabled it (2) even when a network service is enabled the default configuration should not allow root access If I remember right SuSE now follow the first rule with sshd but not the second. Nearly everyone on this list will be capable of getting this right for themselves, but we have to remember the vast majority of users are not so knowledgeable and need some protection. Bob ============================================================== Bob Vickers R.Vickers@cs.rhul.ac.uk Dept of Computer Science, Royal Holloway, University of London WWW: http://www.cs.rhul.ac.uk/home/bobv Phone: +44 1784 443691