I accept it as normal many (upwards of several thousand) daily root 
breaking attempts. My defense is careful sshd configuration and 
restrictive incoming router firewall.

Does anyone mantain a database of consistently offending sites (maybe a 
news source, such as politico or propublica)? Initial use of whois and dig 
for a few returned familiar countries of origin, coutries that may 
encourage or even sponsor some attempts.

I searched the archive for "breakin" and "failed" with an without subject 
line qualifiers (like "root") and found nothing.

Thank you.
mark hansel