If you server is noted to have been compromised for outbound network scanning, you can block ssh outbound until the threat is removed.
Edit iptables:
nano /etc/sysconfig/iptables
-A OUTPUT -p tcp --dport {PORT-NUMBER-HERE} -j DROP
Reload iptables
# service iptables reload