Mike

, please re-read my blog posting, especially the very first sentence:

I have a box still running woody, and can’t run iptables recent match on it (see an earlier post in my blog on how to use this kernel filter to effectively block ssh scanners).

I’ve been using that method for well over a year I think. On those boxes that support it.