break-in attempt in my machine

Volker Wysk post at volker-wysk.de
Sat Aug 27 10:54:30 UTC 2016


Sorry for the wrong language. Here's the English translation:


Hello!

I get a lot of messages in /var/log/auth.log, which look like this:

-----------------------
...
Aug 27 12:06:05 desktop sshd[7406]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.194.44.218  user=root
Aug 27 12:06:08 desktop sshd[7412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.194.44.218  user=root
Aug 27 12:06:10 desktop sshd[7412]: Failed password for root from 221.194.44.218 port 48680 ssh2
Aug 27 12:06:15 desktop sshd[7412]: message repeated 2 times: [ Failed password for root from 221.194.44.218 port 48680 ssh2]
Aug 27 12:06:16 desktop sshd[7412]: Received disconnect from 221.194.44.218 port 48680:11:  [preauth]
Aug 27 12:06:16 desktop sshd[7412]: Disconnected from 221.194.44.218 port 48680 [preauth]
Aug 27 12:06:16 desktop sshd[7412]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.194.44.218  user=root
Aug 27 12:06:19 desktop sshd[7418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.194.44.218  user=root
Aug 27 12:06:21 desktop sshd[7418]: Failed password for root from 221.194.44.218 port 59535 ssh2
Aug 27 12:06:27 desktop sshd[7418]: message repeated 2 times: [ Failed password for root from 221.194.44.218 port 59535 ssh2]
Aug 27 12:06:27 desktop sshd[7418]: Received disconnect from 221.194.44.218 port 59535:11:  [preauth]
Aug 27 12:06:27 desktop sshd[7418]: Disconnected from 221.194.44.218 port 59535 [preauth]
...
-----------------------

This has been going on like this since yesterday. To me, this looks like 
someone is trying to break into my machine via SSH, by trying many possible 
passwords.

Is this correct?

My password is in no dictionary, and is also not obvious in any other way, so 
I don't worry much that the break-in might be successful.

Volker
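
Added example, not part of the original post: a small Python check that counts failed SSH password attempts per source address in auth.log entries like the ones quoted above, including the "message repeated N times" lines that a plain count of "Failed password" lines would miss, and reports any accepted login from an address that exceeded the threshold. The sample input is constructed from the quoted entries; the function name, the threshold value and reading "repeated N times" as N further attempts are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample: entries quoted in the post, one log entry per line.
SAMPLE = """\
Aug 27 12:06:08 desktop sshd[7412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.194.44.218  user=root
Aug 27 12:06:10 desktop sshd[7412]: Failed password for root from 221.194.44.218 port 48680 ssh2
Aug 27 12:06:15 desktop sshd[7412]: message repeated 2 times: [ Failed password for root from 221.194.44.218 port 48680 ssh2]
Aug 27 12:06:16 desktop sshd[7412]: Disconnected from 221.194.44.218 port 48680 [preauth]
Aug 27 12:06:21 desktop sshd[7418]: Failed password for root from 221.194.44.218 port 59535 ssh2
Aug 27 12:06:27 desktop sshd[7418]: message repeated 2 times: [ Failed password for root from 221.194.44.218 port 59535 ssh2]
"""

# The user name is chosen by the remote side, so match it greedily: the
# address is then always taken from the last " from <addr> port <n> ssh2".
FAILED = re.compile(r"Failed password for (?:invalid user )?(.+) from (\S+) port \d+ ssh2")
ACCEPTED = re.compile(r"Accepted \S+ for (.+) from (\S+) port \d+ ssh2")
REPEAT = re.compile(r"message repeated (\d+) times: \[")


def summarize(lines, threshold=5):
    """Return ({addr: failed attempts >= threshold}, [(addr, user) accepted from those])."""
    failures = Counter()   # source address -> failed password attempts
    accepted = []          # (source address, user) for successful logins
    for line in lines:
        if "sshd[" not in line:
            continue
        rep = REPEAT.search(line)
        weight = int(rep.group(1)) if rep else 1   # assumption: N further attempts
        failed = FAILED.search(line)
        if failed:
            failures[failed.group(2)] += weight
            continue
        ok = ACCEPTED.search(line)
        if ok:
            accepted.append((ok.group(2), ok.group(1)))
    noisy = {addr: n for addr, n in failures.items() if n >= threshold}
    # A successful login from an address that was guessing passwords needs a closer look.
    suspicious = [(addr, user) for addr, user in accepted if addr in noisy]
    return noisy, suspicious


if __name__ == "__main__":
    noisy, suspicious = summarize(SAMPLE.splitlines())
    print("addresses over threshold:", noisy)
    print("accepted logins from those addresses:", suspicious)
```

An empty second result means none of the addresses over the threshold has an accepted login in the lines that were examined.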





