The Mac OS X has a build in firewall that prevents others accessing your system on ports you’re not using.
However, the moment you enable a server (deamon) like ftp, ssh, or http you’re also allowing anybody to access that server.
The firewall will allow anybody to enter. Of course your ssh and ftp server can only be used when the visitor has a valid user name and password.
But, with the current Internet speed, intruders can just try hundredths of user names and passwords each minute.
There’s no way Mac OS X will stop intruders from trying out more passwords.
Simple IDS does!