It may help a little but these aren't brute force attacks you're seeing - they're just quick attempts to connect with either a blank password or a common bad-password like the word 'password' as a password. SSH uses challenge-response authentication which means it can (and does) enforce a delay after a wrong password and forces a disconnect after (by default) 3 wrong passwords. This makes brute-force dictionary or common password list attacks take too long to be practical.
A better solution might be to simply run the ssh daemon on a port other than 22, all ssh clients I know of can specify the port to connect to. I moved mine to another port and since then I've got no false connection attempts - it simply takes too long to scan even all the service ports of a computer for one that's open, so the script kiddies and crackers that do this only scan port 22.
then again it could be fairly easy to maliciously find out the users on a system
Not through ssh its not. ssh has been specifically designed to not give any information about which usernames are valid on a system. Most other daemons have similar safeguards against giving out information like that about the system.