Blocking brute force attacks against ssh with iptables and netfilter
Topic: Technology
4:34 pm EST, Feb 16, 2006 |
The goal of this article is to outline a simple method for blocking brute force attacks on sshd for users of Slackware Linux. With a few minor changes, this technique will work on any Linux box with netfilter support in the kernel and a reasonably recent version of iptables (1.3.x) installed. It makes use of the ipt_recent module for netfilter to track who just connected to the port, and to refuse subsequent connections from that host for a given number of seconds. One side effect of this technique is that it will slow down the idiots scanning the Internet looking for even bigger idiots.
Good link dag
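The mechanism the excerpt describes, as an added example that is not taken from the linked article: two rules using the `recent` match, generated by a small script so the port and window can be changed. The list name `SSH_SEEN`, the `INPUT` chain, the 60-second default and the `SSH_PORT`, `BLOCK_SECONDS` and `APPLY` variables are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the linked article. Assumed names and values:
# list name SSH_SEEN, INPUT chain, port 22, 60-second window.

# True when $1 is a decimal integer between $2 and $3 inclusive.
is_int_in_range() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge "$2" ] && [ "$1" -le "$3" ]
}

# Print the two rules, in the order they must be appended to the chain.
ssh_throttle_rules() {
    port=${1:-22}
    seconds=${2:-60}
    is_int_in_range "$port" 1 65535 || { echo "bad port: $port" >&2; return 1; }
    is_int_in_range "$seconds" 1 86400 || { echo "bad window: $seconds" >&2; return 1; }
    match="-p tcp --dport $port -m state --state NEW -m recent --name SSH_SEEN"

    # Rule 1: source is on the list and was seen within the window -> drop.
    # --update also refreshes the timestamp, so a host that keeps retrying
    # stays blocked; --rcheck would test the list without refreshing it.
    echo "iptables -A INPUT $match --update --seconds $seconds -j DROP"

    # Rule 2: anything that got past rule 1 is recorded on the list and accepted.
    echo "iptables -A INPUT $match --set -j ACCEPT"
}

# Print the rules by default; run them only when APPLY=1 (needs root).
rules=$(ssh_throttle_rules "${SSH_PORT:-22}" "${BLOCK_SECONDS:-60}") || exit 1
if [ "${APPLY:-0}" = "1" ]; then
    printf '%s\n' "$rules" | sh -e
else
    printf '%s\n' "$rules"
fi
```

A legitimate second connection from the same address inside the window is dropped as well, so choose the window with that in mind.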