I find it rather funny that the Linux code is well commented but the SVR4 code has little to no comments at all. Just because the function names are the same doesn't mean it was copied. It just means that the coders implemented functions with the same names (and I bet that the Linux versions worked rather differently than the original SVR4 code).
I use a package called DenyHosts under debian. It seems to work ok for the standard scripted attacks. The best suggestion is to use tcpwrappers and restrict access. Of course also you want to use firewall rules as well and disable access for root through ssh (use sudo if you need root/admin access).
see... not lame any more. At least now I have something in my journal.