'blacklisting' an IP-address after several loginfailures?

[Joachim Dagerot]

I'm under attack!

I have pages up and down with failed login attempts, usually they are
trying to hack the root account (which simply can't be used to get in
by SSH) but they are also trying to access the system with various
usernames (bruth force).

Is it easy to load a package that simply adds a deny entry for each IP
that has failed to login for X amounts of tries?