Sometimes I wonder why everybody tries to get out of line, when instead it might be more useful, to keep some service on port 22 just to increase the cost for the botnet operators.
Does someone know it there is something like a super slow and super save sshd implementation which doesn't allow anybody to actually login?
I've seen endlessh[0] referenced in the past. Here's an article that talks about this and other SSH tarpits[1].