Security Incidents: Weird SSH attack last night and this morning (still ongoing)

[Gary Baribault <gary () baribault net>]

I don't know what is going on last night and this morning ... I have 
three Linux servers facing the Internet, two on cable modems and another 
on a static IP/commercial connection and this last one is a gateway to a 
Web/FTP/SMTP/Pop3/NTP Linux based system.
I have DenyHosts installed on all three and have blocked about 75 
attempts ..  from known compromised adresses .. The log shows 
(obviously) that there where even more attempts from adresses that are 
unknown to DenyHosts but there was only one login attemps per adress and 
it was with the Root account .. which is obviously blocked in my sshd 
config ..
Of the three machines, one of them only had about 10 attempts, but the 
other two had about 200 attempts .. all of them with only 1 try with the 
user Root ..
Is any one else seing this? or am I being targeted? This is still going 
on now .. and it started arround 10:00 last night GMT+4
--
Gary Baribault
Courriel: gary () baribault net
GPG Key: 0x4346F013
GPG Fingerprint: BCE8 2E6B EB39 9B23 6904 1DF4 C4E6 2CF7 4346 F013