SSH Tools is a favorite target of hackers, so you should take some security measures. One of them – to restrict the number of connections to avoid the DoS-attacks and brute force.
# vi /etc/pf.conf
table <sshbf> persist
block in log quick on $ ext_if inet from <sshbf>
pass in log on $ ext_if inet proto tcp to $ ext_if port ssh keep state \
(Max-src-conn-rate 5/60, overload <sshbf> flush global)
This rule set instructs the packet filter to prevent more than 5 concurrent connections to port 22 for 60 seconds.