Where to set max login for Proftpd?

[sagor]

I've noticed some "undesirables" trying to login to my ISP machine via FTP, and after 3 attempts him (or her?) gets locked out.
Question:
1) How long does it block the same IP from re-attempts? Can it be set?
2) Is there a way to add failed login attempt IP's to the firewall automatically?
3) Where can I set # login attempts for proftpd - seems to be somewhere in other database or config files?

Thanks

PS. I now have successfully got ISPConfig on perfect Hardy Heron working, with about 5 web sites with external DNS names. I've retired my IIS server and put Linux online. Not bad for a newbie lol... only took me 3 weeks
All this thanks mostly from help in this forum...keep up the good work guys.

[falko]

Is it possible that you're using fail2ban, DenyHosts, or Blockhosts and have locked out yourself?

[sagor]

It's not myself that is the issue, everything is working fine, including proftpd. I can also ftp from the outside world just fine

What I was referring to was that outside "hackers" were trying to FTP to my site, and tried to log in 3 times before the system (proftpd) did a "locked out" for that attempt. I do NOT allow any anonymous FTP. I wanted more detail on where those lock out parameters are set. Proftpd is behaving properly, and that user was unwanted, I just wanted the details of the Proftpd settings, and how ISPConfig controls it (if at all)

I wanted to know where this "lock out" attempts is set. Currently my system is just the "Pefect server Ubuntu 8.04" with ISPConfig and 5 web sites, nothing else added except ddclient and phpBB3...

I keep an active eye on hacking attempts. My "real" firewall is a Mikrotik router at the WAN side, nothing on the "Perfect Server", though I would entertain the though of adding firewall rules to iptables or something (but Mikrotik router has hundreds of rules already...)

So, the basic question is: where/how can I review/modify the behaviour of Proftpd, in particular the login attempts and lockouts (like setting it to 2 instead of 3, and setting lockout time to a long time)

Steve

PS, I did find the parameter for Maxloginattempts in the Proftpd website (default is 3) that goes into proftpd.conf:
http://www.proftpd.org/docs/directiv...nAttempts.html

But no info yet on how to control the "lockout" period.