I want to "protect" from brut force attack.

My idea is:

If there is 10 unsuccessful logins {
add firewall rule "disable ssh port for attacker IP"
}

How to do this on centos 5.1 with ISP config (because firewall is disabled)?

Take a look here:
http://www.howtoforge.com/preventing_ssh_dictionary_attacks_with_denyhosts
http://www.howtoforge.com/fail2ban_debian_etch
http://www.howtoforge.com/blockhosts_debian_etch

have you done the simple thing of changing the port that the ssh is on
that will also help out big time