Wheel - just a note on my own experience of ssh.
I installed ssh on a remote Windows 2003 server with the intention of using my linux machine as an automatic backup download controller. Less than an hour after installing ssh on Windows it was hit by potential exploiters. Within another hour it had been hit hundreds of times at non-stop sub-second intervals. Nothing got through because of strong passwording but it was scary.
I closed the port again (Windows Policy) and haven't gone back to it. I know I should sometime but at present I still don't have time to find out how to harden the Windows installation (presumably using alternative ports etc).