
Daniel Lawson wrote:
I don't want to be stating something obvious or stupid, but what about running SSH on a high port? I do that and have VERY little activity.
Security through obscurity doesn't work very well[1]. You'll do a lot better in the long term to make sure your SSH passwords are secure, or to only allow key-based auth, or to use TCP wrappers or firewalling to limit who *can* connect.
[1] This will prevent the current attacks, but it's only a matter of time before there are worms out there scanning all ports and making note of common services on high ports.
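An added example, not part of the original thread: a small auditor that checks an sshd_config for the point made in the reply above, that moving the port does not help while passwords are still accepted. The sample configuration is constructed; the defaults and the first-value-wins rule are those documented in sshd_config(5).

```python
import re

# Constructed sample: port moved, but the first PasswordAuthentication line wins.
SAMPLE_CONFIG = """\
Port 2222
PasswordAuthentication yes
PubkeyAuthentication yes
PasswordAuthentication no
Match Address 10.0.0.0/8
    PasswordAuthentication yes
"""

# OpenSSH defaults for the keywords checked here
DEFAULTS = {"passwordauthentication": "yes", "pubkeyauthentication": "yes",
            "kbdinteractiveauthentication": "yes"}
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

def parse(text):
    """Return (global settings, Match blocks); keywords are case-insensitive."""
    cfg, matches, current = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = ALIASES.get(parts[0].lower(), parts[0].lower())
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":
            current = {"_criteria": value}
            matches.append(current)
        elif key == "port" and current is None:
            cfg.setdefault("port", []).append(value)   # Port may repeat
        else:
            # sshd uses the first value obtained; later duplicates are ignored
            (cfg if current is None else current).setdefault(key, value)
    return cfg, matches

def audit(text):
    cfg, matches = parse(text)
    eff = lambda k: cfg.get(k, DEFAULTS[k]).lower()
    findings = []
    if eff("passwordauthentication") == "yes":
        findings.append("password auth enabled globally")
    if eff("kbdinteractiveauthentication") == "yes":
        findings.append("keyboard-interactive auth enabled (PAM may still ask for passwords)")
    if eff("pubkeyauthentication") != "yes":
        findings.append("public-key auth disabled")
    for m in matches:
        if m.get("passwordauthentication", "").lower() == "yes":
            findings.append(f"Match {m['_criteria']} re-enables password auth")
    if "22" not in cfg.get("port", ["22"]) and findings:
        findings.append("non-default port only hides the service; auth is still weak")
    return findings
```

This sketch does not follow `Include` directives; on a live host, `sshd -T` prints the effective configuration and is the better input.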
I totally agree with Daniel and also Gavin. From outside, using a VPN is definitely the way to go. VPN is something I would implement on the firewall, which would be a separate appliance to the host. As you know, a Cisco router with the IOS IP Plus/FW/3DES image or a NetScreen dedicated FW appliance is what turns me on.