what is sgi_fam pls any kind of description will be appreciated I'm not sure if it's up & running on my system
and for the bruteforce consider entirely disabling root access through sshd which is set by /etc/ssh/sshd_config allowrootlogin no (or similar)\
you can do su after you log as normal user. also set in sshd config users who are allowed to connect all other will be in log as invalid user or similar..
also pam_tally is a good thing to make it drop after 5 failed attempts lets say for 5minutes
also good thing is to change the port and apply rsa keys there is no other way known to me to protect your world listening shell