It is not uncommon for malicious internet users to try to brute-force their way into your server. Here are some tips to improve security:

1) Use Public Key Authentication
When you first get your VPS from LawlNet, it comes pre-loaded with an SSH password for root login. This is a temporary measure to get you started as quickly as possible, and should not be used in production. We recommend that you use Public Key Authentication instead of password auth. Please see here for steps on how to do this:

http://www.cyberciti.biz/tips/ssh-public-key-based-authentication-how-to.html

If you insist on using password-based auth, then please try to use a password greater than 30 characters long for best security.

2) Disable root access via SSH
It is a good idea to disable root access via SSH. You can do this in your sshd_config file. Please see here:

http://www.howtogeek.com/howto/linux/security-tip-disable-root-ssh-login-on-linux/

Instead, create yourself an admin user with sudo access and use it whenever you need root access to perform admin tasks.

3) Use Fail2Ban
Fail2Ban can scan your ssh log file and automatically block IP addresses of users that are constantly trying to brute force their way into your server. Please see here:

http://www.the-art-of-web.com/system/fail2ban/

Note that log filenames may vary according to what distro you are using.
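
A small audit for tips 1 and 2, as an added example that is not part of the original article: it reports whether an sshd_config enforces key-only logins and blocks root login. The function names and the sample file are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the original article).
# effective_value FILE KEYWORD DEFAULT: value sshd would use for KEYWORD in
# the global section. Keywords are case-insensitive and the first occurrence
# wins; parsing stops at the first Match block and Include is not followed.
effective_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key); val = def }
        /^[ \t]*(#|$)/ { next }             # comments and blank lines
        { gsub(/=/, " "); k = tolower($1) } # accept Keyword=value as well
        k == "match" { exit }
        k == key { val = tolower($2); exit }
        END { print val }
    ' "$1"
}

# audit_sshd FILE: one PASS/FAIL line per check; returns 1 if any check fails.
audit_sshd() {
    rc=0
    # keyword:required:default-when-unset (defaults of current OpenSSH)
    for spec in "PubkeyAuthentication:yes:yes" \
                "PasswordAuthentication:no:yes" \
                "PermitRootLogin:no:prohibit-password"; do
        key=${spec%%:*}; rest=${spec#*:}
        want=${rest%%:*}; def=${rest#*:}
        got=$(effective_value "$1" "$key" "$def")
        if [ "$got" = "$want" ]; then
            echo "PASS $key=$got"
        else
            echo "FAIL $key=$got (want $want)"; rc=1
        fi
    done
    return $rc
}

# Constructed sample: the commented line is ignored, and the first live
# PermitRootLogin entry shadows the corrected one further down.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# PermitRootLogin no
PermitRootLogin yes
PasswordAuthentication no
permitrootlogin no
EOF
audit_sshd "$sample" || echo "sshd_config needs attention"
rm -f "$sample"
```

On a live server, `sshd -T` prints the effective configuration with Include and Match handling applied, so use it to confirm the result after editing.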