We install Asterisk phone systems for UK businesses and use a script called fail2ban, this monitors failed login attempts and then blacklists the IP address that they originate from. The IPs stay blacklisted for whatever length of time you specify in the scripts config. It'll even send you an email to tell you every time it blocks an IP, which is reassuring to start with but gets a bit annoying after a few weeks - too many scripts out now for hacking sip systems - we get around 10 IPs a day blocked by each system, and we put them on a permanant block.
Hope this helps some of you avoid falling into the clutches of these scammers from Sierra Leone.
Another good idea is to set up a trunk that catches international or premium rate numbers that requires a pin to access the trunk.