Any idea what is going on here?
It is filling up the log.

Dec 10 19:49:39 sshd[25788]: Bad protocol version identification 'Big-Brother-Monitor-1.8b3' from 208.20.xx.xx

Dec 10 19:50:14 sshd[25806]: Did not receive identification string from 204.97.xxx.xx
Dec 10 19:50:32 sshd[25816]: Did not receive identification string from 209.23.xxx.x
Dec 10 19:51:15 sshd[25838]: Did not receive identification string from 204.97.xxx.xx
Dec 10 19:51:32 sshd[25848]: Did not receive identification string from 209.23.xxx.x
Dec 10 19:52:15 sshd[25870]: Did not receive identification string from 204.97.xxx.x
Dec 10 19:52:32 sshd[25880]: Did not receive identification string from 209.23.xxx.xx

This is either a result of a network monitoring system that logs into your ssh occasionally (ie. to see if you are still operational), or somebody trying to find vulnerabilities in your SSH server which is common when active on a public connection.

You may wish to put a firewall rule in to limit access to your ssh server, which will also lower the amount of logging that it is doing.

Thank you Tony.
Yes it is our old Big Brother system trying to reach the box .
Oh I get it now.
It pings the IP on the box and lets me know if it is up.
It also tries to make an SSH connection.
For some reason the ssh isn't working and it keeps trying.
Thank you for the suggestion I am just learning how to generate rules to cover the special situations.
I'll give it a shot.

Happy holidays,