These iptables rules will limit the exposure to brute force and dictionary attacks on port 22 SSH.
iptables -A INPUT -p tcp --syn --dport 22 -m connlimit --connlimit-above 2 -j DROP iptables -A INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set iptables -A INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 3 -j DROP # And remember to save the new set of iptables: /usr/libexec/iptables/iptables.init save service iptables save