I frequently see brute force attempts at finding usernames in my FTP server logs all of the time. Someone will try to connect to the FTP server from an IP address (usually coming from China) repeatedly, using a dictionary attack of different usernames A through Z.
Does anyone have any ideas on how to block an IP from attempting to connect after 10-15 attempts?
I'd like to be able to do this on the firewall level, as we have a SonicWALL NSA 3500, and this would prevent any unneccassary traffic from entering the network. But if we had to do it on the server level, it's IPswitch WSFTP Server 6.1.