According to a recent SecurityFocus report there are no w large distributed brute force ssh attempts coming from multiple IP addresses. This means that tools like denyhost that block login attempts from hosts that have made multiple failed attempts are not really going to assist. Of course another alternative to foil these automated attacks is to move the standard SSH port. This can be done by editing your /etc/ssh/sshd_config and changing the port to one that is not currently running a service. One the file is edited, restart the SSH service for the changes to take effect. ]]> http://www.coreix.net/blog/protection-against-brute-ssh-login-attempts/3/feed/ 1