the server and software needs to be setup and maintained to prevent them ...
here is log entry from earlier today an attempt on one of my servers a linux based webserver hosting forums
this is a malaysian IP address trying random usernames and passwords hoping to get lucky
in this case looking for email access ....
After a few bad attempts they are blocked for 5 min - slows them down pretty good - after a certain number of temp blocks they are perm blocked...
BUT often the people behind it are using dozens of compromised PCs to launch the attacks so blocking one IP only stops one attack vector
keep a decent firewall and maintain the server kernel version and the application versions and you can avoid most of these...Time: Mon Sep 16 07:57:59 2013 -0500
IP: 120.139.151.121 (MY/Malaysia/Selangor/Petaling Jaya/-)
Failures: 10 (pop3d)
Interval: 300 seconds
Blocked: Yes
Log entries:
Sep 16 07:57:44 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:44 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:45 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:45 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:49 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:49 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:50 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:50 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:54 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:54 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121]