In recent versions, MSL uses denyhosts.
]# cat /etc/denyhosts/denyhosts.cfg
#------------------------------------------------------------
# !!DO NOT MODIFY THIS FILE!!
#
# Manual changes will be lost when this file is regenerated.
#
# Copyright (C) 1999-2010 Mitel Networks Corporation
#------------------------------------------------------------
BLOCK_SERVICE = sshd
DENY_THRESHOLD_INVALID = 5
DENY_THRESHOLD_VALID = 10
DENY_THRESHOLD_ROOT = 10
DENY_THRESHOLD_RESTRICTED = 5
HOSTNAME_LOOKUP = NO
HOSTS_DENY = /etc/hosts.blocked
LOCK_FILE = ./supervise/lockfile
PURGE_DENY = 5d
RESET_ON_SUCCESS = yes
SECURE_LOG = /var/log/sshd/current
SSHD_FORMAT_REGEX = @.*? (?P<message>.*)
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
WORK_DIR = /usr/share/denyhosts/data
So it takes 10 attempts to be locked out, I believe.
Look at /etc/hosts.blocked.