You could disable remote logins
You can use iptables to add a line which will drop anything sourced from his IP.
It's always the same, which is a bit silly. It may just be a mistake - someone constantly querying the wrong IP.
65.98.23.255 is owned by Pegasus Web Technologies - you may want to let them know.
... from
http://ws.arin.net/cgi-bin/whois.pl
OrgName: Pegasus Web Technologies
OrgID: PWT-5
Address: 1719 Route 10E
Address: Suite 220
City: Parsippany
StateProv: NJ
PostalCode: 07054
Country: US
ReferralServer: rwhois://rwhois.fortressitx.com:4321/
NetRange: 65.98.0.0 - 65.98.127.255
CIDR: 65.98.0.0/17
NetName: PEGASUSHOST
NetHandle: NET-65-98-0-0-1
Parent: NET-65-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.PWEBTECH.COM
NameServer: NS2.PWEBTECH.COM
Comment:
RegDate: 2004-07-21
Updated: 2005-09-16
RAbuseHandle: PWTAC-ARIN
RAbuseName: Pegasus Web Technologies Abuse Coordinator
RAbusePhone: +1-973-294-2021
RAbuseEmail:
abuse@pwebtech.com
RTechHandle: PWTH-ARIN
RTechName: Pegasus Web Technologies Hostmaster
RTechPhone: +1-973-294-2021
RTechEmail:
hostmaster@pwebtech.com
OrgAbuseHandle: PWTAC-ARIN
OrgAbuseName: Pegasus Web Technologies Abuse Coordinator
OrgAbusePhone: +1-973-294-2021
OrgAbuseEmail:
abuse@pwebtech.com
OrgNOCHandle: PWTH-ARIN
OrgNOCName: Pegasus Web Technologies Hostmaster
OrgNOCPhone: +1-973-294-2021
OrgNOCEmail:
hostmaster@pwebtech.com
OrgTechHandle: PWTH-ARIN
OrgTechName: Pegasus Web Technologies Hostmaster
OrgTechPhone: +1-973-294-2021
OrgTechEmail:
hostmaster@pwebtech.com