Using honeypot you can monitor and learn more about malicious SSH login.
From the article:
Malicious SSH login attempts have been appearing in some administrators’ logs for several years. This article revisits the use of honeypots to analyze malicious SSH login attempts and see what can be learned about this activity. The article then offers recommendations on how to secure one’s system against these attacks.
Read more at securityfocus…