SSHGuard - Protection for OpenSSH

Are you concerned about brute force dictionary attacks on SSH? Given the popularity of these attacks, you should be. sshguard is a new tool to help protect against such attacks. Although it is still in beta stage, it appears to work well.

OpenSSH provides a secure alternative to clear-text logins used by first-generation network protocols like Telnet and FTP. But it's not enough simply to use SSH instead of Telnet -- you have to use it wisely. If you use weak passwords with SSH, a brute force dictionary attack will reveal your secrets as easily as if your password were sent in clear text.

sshguard protects you from brute force attacks on port 22. It watches SSH login attempts and inserts a rule in your firewall to block the IP addresses of attackers. By default, sshguard will block an attacker (insert a rule in the firewall to block the attacker's IP address) after four unsuccessful attempts within a 20-minute period. Blocked IP addresses are allowed past the firewall again after a random interval of between 7 and 10.5 minutes.