Rapid-fire bruteforce attacs are easy to head off, first OpenBSD PF style, with state tracking options to set limits:
/etc/pf.conf
table <bruteforce> persist
block quick from <bruteforce>
pass inet proto tcp to $int_if:network port $tcp_services \
keep state (max-src-conn 100, max-src-conn-rate 15/5, \
overload <bruteforce> flush global)max-src-conn: # of connections from one host
max-src-conn-rate: rate of new connections: 15 connections per 5 seconds.
overload <bruteforce>: offenders go to the blocked table
flush global : kill all connections
Basically, problem solved - the noise generally disappears instantly. If you like, tweak rules to local tastes and needs.