I've read over the documentation here: http://www.fail2ban.org/wiki/index.php/HOWTO_fail2ban_0.7.x#Setup and I am not sure what I really need to do. On the logs I get from ISPConfig, there are many many failed login attempts and I would like to ban these people.
All you have to do is find out in which log files failed login attempts get logged, and then adjust the rules to find these failed attempts in the logs. I think you should start with the default rules, before you change anything. Maybe they already work for you. Also take a look here: http://www.howtoforge.com/fail2ban_debian_etch
