Security threat or automated system - pam_unix??
I'm slowly getting there with Linux, although when I came to set up my home server running FC3 I've had a bit of a security scare.
I installed everything as normal and left the box on for a couple of days to see how it behaved. I opened up the SSH on the firewall and forwarded the port from my router. When I checked the security logs I found that someone had been trying to crack my system trying loads of different usernames and passwords. In a state of paranoia I reset the box to find that one of the hard drives had failed so Linux wouldn't boot.
At this point I thought a simple re-install would do the trick so removed the dead drive and started again. Today I come home to find the following in my System Log:
Feb 23 08:01:01 localhost crond(pam_unix)[6498]: session opened for user root by (uid=0)
Feb 23 08:01:01 localhost crond(pam_unix)[6498]: session closed for user root
Feb 23 09:01:01 localhost crond(pam_unix)[6502]: session opened for user root by (uid=0)
Feb 23 09:01:01 localhost crond(pam_unix)[6502]: session closed for user root
Feb 23 10:01:01 localhost crond(pam_unix)[6506]: session opened for user root by (uid=0)
Feb 23 10:01:01 localhost crond(pam_unix)[6506]: session closed for user root
Feb 23 11:01:01 localhost crond(pam_unix)[6512]: session opened for user root by (uid=0)
Feb 23 11:01:01 localhost crond(pam_unix)[6512]: session closed for user root
Feb 23 12:01:01 localhost crond(pam_unix)[6516]: session opened for user root by (uid=0)
Feb 23 12:01:01 localhost crond(pam_unix)[6516]: session closed for user root
Feb 23 13:01:01 localhost crond(pam_unix)[6520]: session opened for user root by (uid=0)
Feb 23 13:01:01 localhost crond(pam_unix)[6520]: session closed for user root
Feb 23 14:01:01 localhost crond(pam_unix)[6524]: session opened for user root by (uid=0)
Feb 23 14:01:01 localhost crond(pam_unix)[6524]: session closed for user root
Feb 23 15:01:01 localhost crond(pam_unix)[6528]: session opened for user root by (uid=0)
Feb 23 15:01:01 localhost crond(pam_unix)[6528]: session closed for user root
Feb 23 16:01:01 localhost crond(pam_unix)[6532]: session opened for user root by (uid=0)
Feb 23 16:01:01 localhost crond(pam_unix)[6532]: session closed for user root
Feb 23 17:01:01 localhost crond(pam_unix)[6536]: session opened for user root by (uid=0)
Feb 23 17:01:01 localhost crond(pam_unix)[6536]: session closed for user root
I haven't SSH'd into the box so am curious if this is someone who has gained my root password or is simply a system process running....
Please put this paranoid noob's mind at rest!
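An added example, not part of the original post: the tag in front of `(pam_unix)` names the service that opened the PAM session, so `crond` entries are written by the cron daemon when it starts a scheduled job, while a remote login would be tagged `sshd`. The Python sketch below groups entries by that tag and flags only login-path services; the `sshd` sample lines, the `192.0.2.10` address, the user `alice` and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Syslog form shown in the post: "<date> <host> <service>(pam_unix)[<pid>]: <message>"
LINE = re.compile(r"^\w{3}\s+\d+ \d\d:(\d\d):\d\d \S+ ([\w.-]+)\(pam_unix\)\[\d+\]: (.*)$")
OPENED = re.compile(r"^session opened for user (\S+) by (\S*)\(uid=(\d+)\)")

def summarize(lines):
    """Count pam_unix events per service; remember users and minute-of-hour."""
    stats = defaultdict(lambda: {"opened": 0, "auth_failures": 0,
                                 "users": set(), "minutes": set()})
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # not a pam_unix record in this format
        minute, service, msg = m.groups()
        entry = stats[service]
        opened = OPENED.match(msg)
        if opened:
            entry["opened"] += 1
            entry["users"].add(opened.group(1))
            entry["minutes"].add(minute)
        elif msg.startswith("authentication failure"):
            entry["auth_failures"] += 1
    return dict(stats)

def needs_review(stats):
    """Services whose events came from a login path rather than the cron daemon."""
    flagged = []
    for service, entry in sorted(stats.items()):
        if service == "crond":
            continue  # crond opens a PAM session for each job it starts
        if entry["opened"] or entry["auth_failures"]:
            flagged.append(service)
    return flagged

# The crond lines are from the post; the sshd lines are constructed for contrast.
SAMPLE = """\
Feb 23 08:01:01 localhost crond(pam_unix)[6498]: session opened for user root by (uid=0)
Feb 23 08:01:01 localhost crond(pam_unix)[6498]: session closed for user root
Feb 23 09:01:01 localhost crond(pam_unix)[6502]: session opened for user root by (uid=0)
Feb 23 09:14:27 localhost sshd(pam_unix)[7001]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=192.0.2.10  user=root
Feb 23 09:15:02 localhost sshd(pam_unix)[7004]: session opened for user alice by (uid=0)
""".splitlines()

if __name__ == "__main__":
    stats = summarize(SAMPLE)
    print(stats)
    print("review:", needs_review(stats))
```

A `crond` entry whose `minutes` set holds a single value, as with the `01` in the post's log, is consistent with an hourly scheduled job; what that job runs is answered by the crontab files, not by these log lines.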