Here are the two SSH rules that I use. Before I started using this, I was getting between 300-1000 ssh login attempts... It is now about 20 a day. Not perfect, but helps a lot. I have it set to allow two connection attempts every 10 minutes, this can easily be changed though.
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 600 --hitcount 2 -j DROP Dallin /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
