Sometime Wednesday, Purdue's IT department (ITaP) discovered that hackers had accessed multiple university servers and obtained usernames and passwords. ITaP and university officials have since asked all facutly, staff, and students to change all their passwords on Purdue systems.
No fun for us here as faculty and teaching assistant computers in the English department are all disconnected from the Internet while Purdue discovers the source of the attack and tries to uncover all compromised systems. Ironically, I noticed Wednesday that hackers had been testing numerous usernames and passwords using SSH to try to access my Linux desktop in my office. Seems as if they have they must have a very large list of usernames they are using to hack into other computers here at Purdue.
Media coverage includes Purdue's The Exponent, ITaP encourages campuswide password change after security breach, and The Indianapolis Star, Hackers get into Purdue computers
ssh scans
it isn't just you getting ssh scans. there are some current trojans which hijack windows machines and use them to scan entire networks for linux machines. there's a predefined list of usernames the trojan tries - things like bob, pete, susan, et cetera. really juvenile-sounding names, you know?
you'll also see scans for things like "system" "admin" and "administrator" following a similar pattern.