ufw is the super easy firewall interface featured in Ubuntu and also the latest Debian.
Somewhat like fail2ban, one feature of ufw is built-in rate limiting to protect against brute force attacks.
While this could be used on any port, a common use is on port 22 to protect against ssh dictionary attacks or other poking.
To enable rate limiting on ssh, issue the following:
$ sudo ufw limit ssh
(PS: You can give this command to safely overwrite your current ssh rule.)
To view your current firewall configuration use:
$ sudo ufw status
user@li166-66:~$ sudo ufw status [sudo] password for user: Status: active To Action From -- ------ ---- 22 LIMIT Anywhere
This will deny connections of an IP if 6 or more logins are attempted in the last 30 seconds.
To the person trying to brute force, it will look similar to this:
And yes you could also use this to rate limit pop, imap, or smtp logins!