The last few weeks, I've had an increasingly large number of IP addresses attempt to login via SSH and FTP to my server by randomly guessing at usernames. Thus far, it has not worked, but I was wondering, is there a way to block either just SSH and FTP or perhaps all services from those IP addresses if they fail, say, 10 times within 1 hour without any successful login attempts... and perhaps keep them from logging in for 1 day? Those specific numbers are just ones I'm pulling off the top of my head, if it would be easier to implement a different blocking period or after a different number of failed attempts, that would be fine.
I'm particularly concerned because the frequency of attempts is going up so fast -- yesterday, I had about 100 attempts from one IP address.
