4 Jul
2002
4 Jul
'02
10:02 p.m.
Jul 1 15:41:24 paranux2 sshd[22177]: Accepted password for ROOT from 61.11.13.154 port 62560
61.11.13.154 sounds like it might be from Dishnet DSL IP block... this means the actual user will be NATted from behind this IP.
Anyhow if you've only been logging in with SSH your root password was never sent unencrypted. Hence its pretty unlikely that anyone could have gotten your password in just two tries! A cracker clever enough to launch a man-in-the-middle attack or something would also know enough to erase the logs and cover his/her tracks!
I think it may be a false alarm. Just check if the admin (or you!) logged in from a cable connection somewhere!