This is off-topic, I believe, but I thought y'all might be able to 
give me some quick help while I begin delve into the many tomes 
covering Un*x security...

In my /var/log/authlog I see:  portmap[2128] connection from 
216.93.52.15 to dump()

followed by connection attempts from blackboard.kellogg.cc.mi.us to 
my pop, imap, and telnet services.

This is repeated three times from three separate addresses in the 
past three days.

I also see: connection from unknown, service shell (tcp).

My installation is a standard NetBSD default install with imap-uw 
added.  I only have telnetd, pop2d, pop3d, imapd active.  Am I 
looking at confirmed access by an unknown, or am I most likely 
looking at failed attempts?  Nothing appears to be harmed, yet.  Is 
there any quick advice on action I should take now, if necessary.

Thanks in advance,

Eric Zylstra
ericz@ccp.uchicago.edu