Absolutely gone

Found now in logs of some psycho who breaks on my server from the domain mail.cp.government.bg


user139:/var/log# netstat -a | grep mail.cp
tcp 0 0 user139.host.ru:ssh mail.cp.governmen:46226 TIME_WAIT
tcp 16 0 user139.host.ru:ssh mail.cp.governmen:47154 ESTABLISHED

user139:/var/log# cat auth.log | grep 'government.bg' | wc -l
465

Mar 20 23:41:24 user139 sshd[9733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.cp.government.bg

And what to do with this abnormal?