Last years i use perfect software denyhosts for analyze logs and deny access if some ip address have 3 or more unsuccess logins.
I like that, but problem is - too much CPU/memory consuption for my weak computers.
May be some software without interpetator will be more good.
Can you suggest?
Try looking at fail2ban. and/or... rotate your logs so they don't get too big to analyze.
if you're running OpenBSD (or have a firewall somewhere in front of the machine in question), you could use pf(4) (or the equivalent for other firewall tools, e.g. iptables/ipchains) to block access to a given IP address for an arbitrary amount of time after an arbitrary number of failed login attempts.
actually, if CPU/RAM usage of denyhosts is causing you issues, you may want to switch to OpenBSD anyway for an OS that runs well on older hardware out of the box. see http://www.nmedia.net/flashdist/
If you are worried about load on your servers, then it certainly seems like it should be possible to setup syslog to send your logs off to some other system in the path. I can't give you the exact details, but it certainly seems like it should be possible to have all your logs gather to a central up-stream host which will perform any required intrusion prevent steps.
You can also setup iptables on the box to rate limit the number of connections. This in addition or in place of denyhosts/fail2ban should cut down on a lot on what those apps need to actually respond to.
