This nifty little script allows you to monitor log files for instances of brute forcing as well as popular exploits that show up in your server logs files. Anyone that has many servers should check this out.
BFD (Brute Force Detector) Home Page
There is also a nice little write up of how to implement BFD without AFP and some extended rules.
If you’re using Exim4 and PHP as a module or as a CGI with suexec. You may have noticed some issues with your mail. Specifically you would have noticed that either the “From:” header was using “nobody@machinename” or “user@machine name, its also possibly that you had an additional header called “Sender:”.
There are two things you need to do to fix this. You first need to make sure that your “php.ini” has the following value “sendmail_path = /usr/sbin/sendmail -t -i”. Which is the default, double check this variable as it might be set to something else.