RH7.3 2.4.18-3 - I'm getting a lot of these lately:

Failed password for illegal user admin from 211.114.136.129 port 34858 ssh2
Received disconnect from 211.114.136.129: 11: Bye Bye

Which, I know, many of us are. I need to have ssh open for a few
different users, and I could simply block all ssh and allow only those
users ips, but I'd rather not, as thier ips are not all static. I've
googled for info on the problem, but nobody seems to have any solutions
or remedies to minimize the risk.

I'd like to lock an IP out if it fails ssh login 3 times or more, but
I'm not sure how I'd approach that....

Any ideas, solutions?


-D