These SSH scans are generated ( in most of cases ) by Linux Zombie machines, infected with a kind of worm used to get vulnerable hosts to install a PBSync IRC.
I just changed my default SSH port and all attacks had stoped. Another way is run somethink like DenyHosts, a python-based daemon that scans logs and put the "attacker ip" into /etc/hosts.deny: SSHD:10.0.0.1 ( for example ). CheerS
