I previously talked about a blacklisting method to reduce the number of ssh brute force attempts against your machine. When you follow a blacklisting methodology, in theory, it could never end which is why people are screaming ‘whitelist’ today. If you’re not ready to deny all and not absolutely sure of which IP you’ll be riding in on (back to home base) then you may want to take a look at the options below…
Most brute forcing today usually comes from Asia or Eastern Europe — blocking continents (if you can get away with it) is great practice. Below are some links where you can copy & paste problematic IP ranges into your .htaccess or hosts.deny file….
Country IP Blocks – choose a country and select the output in many formats (CIDR, hosts.deny, etc)