I've been doing some reading about Wordpress security. I already do some iptables blocking on IP addresses that make excessive login attempts, but I was curious about what they were doing and why. I found that there are some good Wordpress plugins that add application level security. I installed two plugins.
Simple Login Logs gives me more information about login attempts. I wanted to see what parameters they were using.
Limit Login Attempts will let you do application level blocking of IP addresses, with notifications.
So now I will get more information, and just that little extra bit of security.