Archive for category linux

Reduce ssh brute force attempts…

In case you’re still running sshd on port 22 (which you should change!) you’re probably getting hammered with brute force attempts. Take a peek at /var/log/secure or /var/log/wtmp or the “last” command and have a looksy.

There’s a great little application called “denyhosts” which will automatically add suspected brute forcers to your DENY list.

 

URL        : http://denyhosts.sourceforge.net/
License    : GPLv2
Description: DenyHosts is a Python script that analyzes the sshd server log
           : messages to determine which hosts are attempting to hack into your
           : system. It also determines what user accounts are being targeted.
           : It keeps track of the frequency of attempts from each host and,
           : upon discovering a repeated attack host, updates the
           : /etc/hosts.deny file to prevent future break-in attempts from that
           : host.  Email reports can be sent to a system admin.
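
The approach the description outlines, counting failed sshd logins per source host and emitting /etc/hosts.deny entries once a host crosses a threshold, shown as an added example that is not DenyHosts' code and not part of the original post. The log lines, the threshold of 3, the reset on a successful login and the function names are assumptions of this example.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the /var/log/secure format (documentation-range IPs).
SAMPLE_LOG = """\
Jan 10 03:12:01 host sshd[2101]: Failed password for root from 203.0.113.7 port 40112 ssh2
Jan 10 03:12:04 host sshd[2103]: Failed password for invalid user admin from 203.0.113.7 port 40115 ssh2
Jan 10 03:12:07 host sshd[2105]: Failed password for invalid user test from 203.0.113.7 port 40119 ssh2
Jan 10 03:15:30 host sshd[2110]: Failed password for alice from 198.51.100.20 port 51000 ssh2
Jan 10 03:15:41 host sshd[2112]: Accepted password for alice from 198.51.100.20 port 51002 ssh2
Jan 10 03:20:00 host sshd[2120]: Failed password for root from 203.0.113.7 port 40200 ssh2
"""

IP = r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})"
# The user name is remote-controlled text, so the address is taken from the
# fixed tail of the line ("from <ip> port <n> ssh2"), never from the middle.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>.*) "
    r"from " + IP + r" port \d+(?: ssh2)?$")
ACCEPTED = re.compile(
    r"sshd\[\d+\]: Accepted \S+ for .* from " + IP + r" port \d+(?: ssh2)?$")

def analyze(log_text, threshold=3):
    """Return (offending IPs, {ip: targeted user names}) for one log."""
    failures, users = Counter(), defaultdict(set)
    for line in log_text.splitlines():
        line = line.rstrip()
        m = FAILED.search(line)
        if m:
            failures[m["ip"]] += 1
            users[m["ip"]].add(m["user"])
        elif (m := ACCEPTED.search(line)):
            failures[m["ip"]] = 0  # this example's choice: success resets the count
    offenders = sorted(ip for ip, n in failures.items() if n >= threshold)
    return offenders, {ip: sorted(users[ip]) for ip in offenders}

def hosts_deny_lines(offenders):
    """Format entries in the 'daemon: client' syntax of /etc/hosts.deny."""
    return [f"sshd: {ip}" for ip in offenders]

if __name__ == "__main__":
    offenders, targeted = analyze(SAMPLE_LOG)
    for entry in hosts_deny_lines(offenders):
        print(entry)
    for ip, names in targeted.items():
        print(f"# {ip} tried accounts: {', '.join(names)}")
```
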

Cracking Windows SAM file

A friend of mine showed me a great online video that shows cracking the Windows SAM file using the BackTrack live CD.

The Windows SAM file, which is a database stored as a registry file, stores users’ passwords in a hashed format.

The video can be found here and the BackTrack live CD can be downloaded here.