Okay, so I'm relatively new to fail2ban and after installing fail2ban from the source tar.gz files, I noticed the that the /etc/fail2ban/jail.conf settings for blocking ssh looked a bit odd concerning the "log" file it was suppose to scan. By default, the configuration looks at the /var/log/sshd.log file which does not exist in CENTOS 5 so after some research, I found out that the log file should be set as /var/log/secure . The clause should look like the following:
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
sendmail-whois[name=SSH, email@example.com, firstname.lastname@example.org]
logpath = /var/log/secure
maxretry = 5
In the above, please replace my email address with your email information...