Subject: Re: Interesting security discovery.
To: Elad Efrat <elad@netbsd.org>
From: Travis H. <solinym@gmail.com>
List: tech-security
Date: 09/16/2006 06:36:45
It would be instructive to read up on the anti-spam measures.

Google for "tarpit", "teergrube", "greylisting", see OpenBSD's
spamd manpage, and for log watching I prefer swatch... see also
www.loganalysis.org

I haven't ever looked at a brute-forcing script, but if they're anything
like ratware out there, they're notoriously impatient and don't really
properly interpret the data stream.

I was trying to set up pf "overload" tables for ssh bruteforcing with
a client, but it wasn't working as specified, and I never did figure
it out... maybe they were somehow trying different account/pws within
the same TCP connection... dunno.

You could always use openvpn or IPSec ;-) I like the latter but I'm
a crypto weenie.  It's a bit difficult to troubleshoot.  Took me 8 hours.
Tip: use example policy files and use search-and-replace.
The tools are very unforgiving of mistakes and rarely log anything.
-- 
"On the Internet no one knows you're a dog - except Bruce Schneier."
Unix "guru" for rent or hire -><- http://www.lightconsulting.com/~travis/
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066  151D 0A6B 4098 0C55 1484
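The message above points at log watching (swatch) and at pf "overload" tables for SSH brute forcing, and speculates that the attackers may have been trying several account/password pairs within one TCP connection. That distinction matters for the defender: pf's `max-src-conn-rate` counts connection setups, so a client that retries many passwords over a single session looks like one connection, while the sshd log records every failed attempt. The following is an added example (editor's illustration, not code from the original message, from swatch, or from pf) of a sliding-window detector that counts failed logins per source address from sshd log lines and emits the `pfctl -t <table> -T add` commands an operator could use to feed a pf table. The log lines are constructed sample data using RFC 5737 test addresses; the table name `bruteforce` and the thresholds are assumptions.

```python
"""Sliding-window detection of SSH password brute forcing from sshd log lines.

Added example, not from the original message. It counts failed login
attempts per source rather than new TCP connections, which is the gap the
message's author suspected in pf's connection-rate overload tables.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample sshd log lines (syslog format, RFC 5737 test addresses).
# 192.0.2.10 makes five attempts over ONE TCP connection (same source port),
# 203.0.113.5 spreads three attempts across three connections, and
# 198.51.100.7 is a user who mistyped once and then logged in with a key.
SAMPLE_LOG = """\
Sep 16 06:30:01 host sshd[1201]: Failed password for invalid user admin from 192.0.2.10 port 40001 ssh2
Sep 16 06:30:02 host sshd[1201]: Failed password for invalid user admin from 192.0.2.10 port 40001 ssh2
Sep 16 06:30:03 host sshd[1201]: Failed password for root from 192.0.2.10 port 40001 ssh2
Sep 16 06:30:04 host sshd[1201]: Failed password for root from 192.0.2.10 port 40001 ssh2
Sep 16 06:30:05 host sshd[1201]: Failed password for root from 192.0.2.10 port 40001 ssh2
Sep 16 06:30:20 host sshd[1250]: Failed password for alice from 198.51.100.7 port 50123 ssh2
Sep 16 06:31:02 host sshd[1260]: Accepted publickey for alice from 198.51.100.7 port 50124 ssh2
Sep 16 06:45:00 host sshd[1300]: Failed password for bob from 203.0.113.5 port 60001 ssh2
Sep 16 06:45:30 host sshd[1301]: Failed password for bob from 203.0.113.5 port 60002 ssh2
Sep 16 06:46:00 host sshd[1302]: Failed password for bob from 203.0.113.5 port 60003 ssh2
"""

# OpenSSH "Failed password" line; the optional "invalid user" prefix appears
# when the account does not exist at all.
FAILED_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port (?P<port>\d+)"
)


def parse_syslog_ts(ts, year):
    """Classic syslog timestamps carry no year, so the caller supplies one."""
    return datetime.strptime(f"{year} {ts}", "%Y %b %d %H:%M:%S")


def find_bruteforcers(log_text, threshold=5, window_seconds=60, year=2006):
    """Return {ip: {"failures": n, "connections": m, "first_seen": iso}} for
    every source that reaches `threshold` failed logins inside a sliding
    `window_seconds` window. "connections" counts distinct source ports in
    that window, approximating how many TCP connections pf would have seen."""
    recent = defaultdict(deque)   # ip -> deque of (timestamp, source port)
    flagged = {}
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if not m:
            continue              # accepted logins and unrelated lines are ignored
        t = parse_syslog_ts(m["ts"], year)
        q = recent[m["ip"]]
        q.append((t, m["port"]))
        while (t - q[0][0]).total_seconds() > window_seconds:
            q.popleft()           # drop attempts that fell out of the window
        if len(q) >= threshold and m["ip"] not in flagged:
            flagged[m["ip"]] = {
                "failures": len(q),
                "connections": len({port for _, port in q}),
                "first_seen": q[0][0].isoformat(),
            }
    return flagged


def pfctl_block_commands(flagged, table="bruteforce"):
    """Build the pfctl commands an operator (or a swatch action) could run to
    add flagged sources to a pf table (assumed table name). Returned as
    strings only; nothing is executed here."""
    return [f"pfctl -t {table} -T add {ip}" for ip in sorted(flagged)]


if __name__ == "__main__":
    hits = find_bruteforcers(SAMPLE_LOG)
    for ip, info in hits.items():
        print(f"{ip}: {info['failures']} failures over "
              f"{info['connections']} connection(s) since {info['first_seen']}")
    for cmd in pfctl_block_commands(hits):
        print(cmd)
```

With the defaults (5 failures in 60 seconds) only 192.0.2.10 is flagged, and the report shows it used a single connection, which is exactly the case a connection-rate rule alone would miss. Lowering the threshold to 3 over 120 seconds also catches 203.0.113.5, whose three attempts arrive on three separate connections. In practice the table fed by `pfctl -T add` is the same one a pf rule references with `<bruteforce>` in a block rule, so log-based and connection-rate detection can share it.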