Seems the script kiddies are now hitting vsftp with dictionary attacks. I had three boxes showing around 12000 attempts from one IP yesterday. My thoughts are that there should be an upstream solution for this which is then supported by the upstream vendor. Yes, I know there are several 'other' solutions, but I'd really like to stay mainstream and use a supported method for dealing with these issues. I can't help but view them as security issues. Best, John Hinton