Is there a setting in IIS 6 to turn an FTP site off after a specified number of failed login attempts? It has already been documented on this site that a Windows server sitting on a static IP address can record tens of thousands of failed login attempts a month.
One server I maintain has had tens of thousands of attempts made against the FTP port. I have solid passwords in place, so I am not overly concerned. I rarely have to use the FTP, so for the most part I turn it on and off as I need it. Sometimes though I forget to turn it off when I am done, only to find the next day that my EventLog is full of audit failures.
I would want to set a high number, in case I just messed up the password. Something like if 50 failed login attempts happen, just turn off the FTP site. Then if I need it later I can just start it again.
No, there's no setting like that: it'd allow anyone to denial-of-service (DoS) the server by failing a login attempt (or 50) while legitimate users were still trying to use it.
From what you've described, I'd think the easiest way to add a "seatbelt" to your use of FTP is to set a scheduled task to NET STOP FTPSVC every four hours, and/or perhaps as a logoff script for the box in question - should take care of most forgetful scenarios.
There are IDS and IPS monitoring packages that are able to take custom actions based on request volumes, login failures and so on, which you might want to look into, but for an occasionally-used service, I'd think you're getting into a cost/benefit hole.