Anyone who admins a Windows 2003 server with FTP access that must be opened to all ( e.g shared web hosting server ) will have encountered brute force FTP logins to the server. If you are using FTP via IIS ( which as shit as it is, is sometimes the only option ) then you will be very interested in the great scripting work by other bloggers.
Below are some links to excellent FTP ban scripts.
Instabans in IIS and also nullroutes on any “administrator” login attempts. Comments also include how to add extra usernames to instaban. ( tested and working on machines under my control )
Instabans based on failed logins and/or number of failed attempts.
Enjoy
