Hey,
We can do this easily by installing APF firewall , I also have experience with this kind of attacks . The hacker is running a script that will first scan IP's and then brute force , these are called prv8 scanners most of the times . Also we can harden the server if you want at a one time 100$ you can see what all we do for it at [login to view URL]
Thanks,
Shiva