now I am a sada guy, with no IP?s to have some fun.. (yes, I do usually do something with who attacks me, have even made a software to serch the logs and log all unique IP?s, and login attempts into a mysql table...)
I don't allow password based login into my machines, so these attacks pose no threat. But if you make your ssh daemon listen above port 32000, chances are 90% 0f port scanners will not bother to search that high so the real threats are further marginalised. As for logging IP's to have "fun" as you call it. You can use your firewall logs to check who is trying to connect to port 22. All of your legitimate users will know about the change, so the ONLY people connecting to port 22 will be people who have no right to be on the machines. So you can still have "fun". By the way, how much fun is it trying to sift through files, call ISP's, lay complaints. Does Brazil have a nice mechanism to do this with with good support from the ISP's? B