I love looking in my messages log and seeing thousands of random name
login attempts on my web servers... Anybody know a good way to auto
block an IP for X number of minutes (or perm) after so many invalid
login attempts?

Typically they try 3 passwords per name and a few thousand names per
run. Attacks are coming from all over the world, even a few in the US
(and I'm tempted to thwack them via their isp in those cases)