As we run a SSHd which is available remotely , I installed DenyHosts
sudo apt-get install denyhosts
A quick look at:
tail -n500 -f -s3 /var/log/auth.log
Shows endless attempted logins from dictionary attacks. DenyHosts will block the IP after a few failed attempts.
I added 86.28.80.249 to
sudo nano /etc/hosts.allow
So we can never be locked out on our IP.