Traditional Anti-Bruteforce Rules, Linux Style

The Linux equivalent would be something like

sudo iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
sudo iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 5 \
--hitcount 15 --rttl --name SSH -j DROP

(but minus the max # of connections limit, plus the usual iptables warts). And you'd need a separate set of commands for ip6tables.

Likely doable with other tools and products too, including possibly some proprietary ones.

So, basically, the rapid-fire bruteforce or floods problem has been solved with trivial configuration tweaks.