Put SSH on some port other than the default, to minimize brute force attacks.
You can also create or get some crontab script that parses the /var/log/secure* files for repeated break-in attempts and adding those IP's to your /etc/hosts.deny file.
Or get yourself a Router device and use NAT port forwarding to hide your SSH port by means of redirection.
Must be a tough neighbourhood if you are attacked by users from your own network. Maybe even change your password every few days.
Last edited by Tinkster; 10-30-2010 at 05:11 PM.