I use a program called denyhosts on debian which adds an offending ssh attacker's ip address to the /etc/host.deny file, banning them from either ssh or ALL logins. Ken