And since you brought up the analogy of ciphers I would remind you of the other aspect of ciphers that only really experienced folks should try to implement them. Bad ones are easy to crank out but good ones take time and effort. My solution to this takes neither time nor effort and if someone of mediocre experience and little time wants to stop the attack, I posit that doing what I suggest is far more effective than any hastily-enacted defense of port 22. If nothing else it *will* buy them time to work up a better defense but at worst the attack is thwarted in seconds with no additional infrastructure. I am not now nor have I ever implied that this is adequate to protect something major like a business or research facility but it is a viable defense for the average home server.