forum.excito.org

I have the auth.log full of these kinds of entrees I was wondering if this is someone trying to get in? I have the SSH,IMAP and WWW turned off from the WAN.
Thanks

Oct 23 21:35:01 maxihard CRON[2625]: (pam_unix) session opened for user root by (uid=0)
Oct 23 21:35:09 maxihard CRON[2625]: (pam_unix) session closed for user root
Oct 23 21:39:01 maxihard CRON[2656]: (pam_unix) session opened for user root by (uid=0)
Oct 23 21:39:01 maxihard CRON[2656]: (pam_unix) session closed for user root
Oct 23 21:40:01 maxihard CRON[2669]: (pam_unix) session opened for user root by (uid=0)
Oct 23 21:40:07 maxihard CRON[2669]: (pam_unix) session closed for user root

No, this is no hacking attempt, it comes from cron it seems.

Cron is, as you might know, a scheduling service that runs certain jobs at certain times. Some of these jobs are run by root.