One of the things any self-respecting wannabe webdevver™ just has to do is plunk some old poor Pentium 2 online and set it up as a http/svn/ftp server. SSH means you can admin the thing from your normal machine, and stick the ugly beige case away somewhere out-of-the-way.

All well and good, but after a while you start noticing the harddisk lights blinking at 4 in the morning. You check out all the logs, and it turns out some bot is trying to log in, using each and every common username (linux, admin, sales, purchasing...). Of course, there's no danger of them actually brute-forcing the bugger, since you've undoubtedly set up a nice 16 character password and hammered down the hatches. (Have you? ;) I know I didn't...)

But it's still pretty irritating, and firing off emails to abuse@someprovider.tld gets tiring after a while. You'll want some automated blacklisting: DenyHosts is a pyscript that'll add offending IPs to hosts.deny and cleans up after itself. Here's a nice howto to get you up and running. The tool even communicates with a master server (a la Akismet) to get you lists of known ssh scanbots! The Dev deserves a beer!

Update: apparently you can also just apt-get install libpam-abl