Brute-Force SSH Server Attacks Surge (InformationWeek)

On my home box I have disallowed password authentication, which as others have
suggested is a good security measure. Also, the machine is behind a router
(with firewall enabled), and subject to NAT.

The only way to accomplish an ssh login is over IPv6; I can set up IPv6
tunnels to go6.net or another provider from my laptop, and access my home
network via this route. Address scanning will require much more work of the
attacker under IPv6, so they'll probably resort to probing the DNS for AAAA
records once there are sufficiently many IPv6 hosts to make this worthwhile
from a cracker's point of view. Disallowing zone transfers to unauthorized
hosts should complicate this strategy however.

To be clear,, I don't use IPv6 as a security tool; it's rather that I'm having
fun with it, and I don't like NAT, but would prefer to give each of my systems
static IPv6 addresses than to pay $$$ to obtain static IPv4 addresses.