- If you access ssh from already known IP addresses, re-write your firewall or use hosts.allowand hosts.deny to allow only those IP addresses (or address ranges) through
-Add an AllowUsers line to your sshd_config file. This means that ONLY the users listed on that line are allowed ssh access.
-Modify your sshd_config so that it uses public/private key authorization. That way only those who have a legitimate key on the system will have access.
-Make sure that you are only using the SSH 2 protocol (again, something you set in your sshd_config file).
Personally I use the last three methods and while I see almost daily attacks, the only thing they do is fill up my log file.