You might also consider using mod-security from http://www.modsecurity.org . If you apply the various generic rules on their site you will stop a lot of these in their tracks and then not have to worry about continually updating the firewall for various ip addresses.

Yes i think most of the 2.4.X kernels did need to be patch for the recent module, but I think most of the 2.6.X kernels now have it as a default module for the kernel. If you are using FC4 then it is already a module of the kernel.

To check just su to root, type at the command line:

modprobe ipt_recent

It should then exit to a new line without displaying anything, the to check to see the loaded modules type:

lsmod

You should get something similar to this:

ipt_recent 10764 0
ip_tables 19456 1 ipt_recent
joydev 9408 0
sg 35744 0
st 38944 0
sd_mod 18576 0
sr_mod 16420 0
scsi_mod 131304 4 sg,st,sd_mod,sr_mod
ipv6 242752 6
hfsplus 75140 0
vfat 12800 0
fat 49692 1 vfat
subfs 7552 1
speedstep_lib 4228 0
freq_table 4612 0
nfsd 223072 5


Your module list will be much longer than this, this is just a snippet of the output from my console. For more info just google for recent module iptables, I think it was written by a person named snowman.

You could also check out DenyHosts. http://denyhosts.sourceforge.net/ I have no idea how it compares to other programs that have been suggested. I researched into it a little while back but never got around to using it for real. Add it to your list of potentials, but you'll have to research it yourself.