Hi, i'm fairly new to this admin stuff, and have a newbie question,...

i get regularly (but not bombarded) with an obviously script based
access attempts to sshd and ftp, sendmail. I just slap them on the
hosts.deny list and that's the last i hear from them. (i had to move
the sshd port of the main server, it was probed so often).

What i want to know is ...
are these just kids playing about, or spammers trying to break in.
Should i go to a newsgroup trumpeting the ipaddresses?

How can you tell when it's an attack worth 'sharing'?

the script probes usually sshd, and sometimes sendmail or ftp

root
admin
nobody
test
user
guest