I found this great little overview on defending your ssh server from script kiddies. This should be required reading for anyone running a ssh server.
During 2005, bute force attacks on the ssh (secure shell) service became pretty popular. These attacks are based on a rather simple idea: use an automated program for trying, one after the other, many combinations of standard or frequently used account names and likewise frequently used password (e.g.: guest/guest).
Defence methods
There are a number of methods to defend against such brute force attacks. The following list is intended to give an overview of them, and briefly mention their respective advantages and disadvantages.
- Strong passwords
- RSA authentication
- Using ‘iptables’ to block the attack
- Using the sshd log to block attacks
- Using tcp_wrappers to block attacks