Best way to prevent attacks is by only allowing ssh access from certain address ranges within your private network or VPN.

sshdfilter (http://www.csc.liv.ac.uk/~greg/sshdfilter/) will automate iptable rules by scanning the log and looking for break-in attempts.