IDS and SSH DNAT Up and Running

Posted on June 23, 2001

I set up some advanced firewall rules on my Linux machine today to keep
the 31137 h4x0r5 at bay. After reading about configuring netfilter for a while, I realized I could
use the Destination Network Address Translation to forward packets to another machine behind my firewall.
So, I can now ssh to a machine protected by my firewall externally! In addition to the netfilter stuff, I applied
a bunch of intrusion detection rules to my snort (intrusion detection system / packet logger) database.
