Looks like a number of great suggestions have already been made. DenyHosts in particular is very effective and really is an easy to use solution.
Just to add on to the SSH restriction topic.... typically, your Ubuntu installation has the root account "locked", so it typically cannot log in remotely anyway (unless there's an RSA/DSA key... yikes!). But, if you should also restrict SSH access to a particular user group. This way if you ever have add an interactive user, it does not automatically have SSH access. I added a couple sections to the server guide for the 8.04 release a while back, and this section shows you how to restrict SSH based on group membership. https://help.ubuntu.com/8.04/serverguide/C/user-management.html#other-security-considerations You might also be interested in fwknop. These instructions need to be updated for the latest version, but nothing has really changed in the process other than version numbers. https://help.ubuntu.com/community/SinglePacketAuthorization -- Gilbert Mendoza PGP: 0x075DBCA9 Email: gmendoza at gmail.com http://www.savvyadmin.com https://launchpad.net/~gmendoza https://wiki.ubuntu.com/GilbertMendoza
