I'd say Apple make the quintessential "branded pc".....
They've also made their 'distro' available, see http://freshmeat.net/projects/ttlinux/ and their gpl page http://www.tomtom.com/page.php?Page=gpl
A blocklist generated by logging failed attempts would be the best solution for this. Not only would it be fairly successful in blocking known bad-hosts (with a fixed ip address anyway...) it would also be interesting to cross-link the data against known spam-hosts to see if theres any correlation. It would add credence to both blacklists and could decrease the effectiveness of the botnets.
On the other hand this could just be evidence that the spammers are feeling the economic downturn and have found a few cycles to spare. The attacks can easily be optimized; how many ssh servers allow an amanda to login?
Our business in life is not to succeed but to continue to fail in high spirits. -- Robert Louis Stevenson