The best defense is a strong CHAINSAW SWORD!!!
First off…I wouldn’t recommend having a sql server that is accessible from the outside world.
In my case though I have a development server that I run from a partners network. Somewhere down the line some one or “some many” have run a scan and found this out. So my logs are filling up with password attempts.