What is the opinion of the gurus regarding the potential threat of brute force attacks to an SSH server? It certainly seems possible for a automated assault to access my machine's port 22 by forcing an SSH tunnel through a brute force/dictionary style attack? How significant of a threat is this and is the installation of something similar to DenyHosts something that should be included in our setup as it has thus far been described?
The wiki that I reference at the beginning of this post deals with establishing the ssh tunnel to an sshd server running on a Linux machine, and then establishing the VNC session through that tunnel. More or less identical to what we've been describing, except that we've been connecting to a machine with an XP OS. Likewise, DenyHosts is a Linux app. Is it possible to implement it in Cygwin? Or, is there something similar (or for that matter, something completely different) that will help to protect the system's port 22 against this type of attack?