Not really; ssh port scans are common for any machine that's connected to the Internet. If they've been blocked by the firewall, there's not much else you can do other than block them with a hardware firewall before they even reach your server.
If you do want ssh visible over the Internet, you should set it to a non-standard port so script kiddies won't find it; determined hackers will obviously try scanning all ports and find it eventually anyway, but most will just scan for machines with ssh on the default port and then try to break into those by looking for weak passwords. Ideally, disable password login entirely and use 2048+ bit RSA keys instead.
Bookmarks