My Linode has been experiencing a huge number of brute force login attempts in the past week. I don’t keep detailed statistics, but I would guess there have been 300 attempts in the past week as opposed to the usual rate of about 500 attempts over 200 days (2-3 attempts per day).
Denyhosts has been doing its job perfectly. It should be illegal to run a Internet exposed SSH server without it or a similar tool.*
Thanks to HoopyCat in #linode for pointing me to a SANS Internet Storm Center article explaining the Summer of Hacks phenomenon.
* Unless of course you only accept key based logins.