Potential SSH Brute Force Attack
This event is generated when an attacker attempts to login to an SSH server by guessing usernames and passwords.
By default, access to the SSH server from the Internet is blocked by the firewall. If you decide to open SSH on the firewall, make sure you follow these guidelines:
Use a good password for accounts using shell access
Do not give shell access to regular users
If you do need to grant shell access to an end user, make sure they are also using a good password
Use key-based authentication (see link below)