It's not myself that is the issue, everything is working fine, including proftpd. I can also ftp from the outside world just fine
What I was referring to was that outside "hackers" were trying to FTP to my site, and tried to log in 3 times before the system (proftpd) did a "locked out" for that attempt. I do NOT allow any anonymous FTP. I wanted more detail on where those lock out parameters are set. Proftpd is behaving properly, and that user was unwanted, I just wanted the details of the Proftpd settings, and how ISPConfig controls it (if at all)
I wanted to know where this "lock out" attempts is set. Currently my system is just the "Pefect server Ubuntu 8.04" with ISPConfig and 5 web sites, nothing else added except ddclient and phpBB3...
I keep an active eye on hacking attempts. My "real" firewall is a Mikrotik router at the WAN side, nothing on the "Perfect Server", though I would entertain the though of adding firewall rules to iptables or something (but Mikrotik router has hundreds of rules already...)
So, the basic question is: where/how can I review/modify the behaviour of Proftpd, in particular the login attempts and lockouts (like setting it to 2 instead of 3, and setting lockout time to a long time)
PS, I did find the parameter for Maxloginattempts in the Proftpd website (default is 3) that goes into proftpd.conf:
But no info yet on how to control the "lockout" period.