so I am getting thousands of failed login attempts for my ftp server. The server is vsftp. I want to block the brute force attepts much like I do using denyhosts to block ssh attacks after 4 tries. I have heard of fail2ban, but I can't find anything on how to set it up with tcp wrappers, it only seems to work with iptables. I don't want to use iptables. Is there any way to use pretty much anything but iptables to stop the brute force attacks.

Please reconsider. TCP wrappers is not a substitute for iptables. It's also a good idea to keep that second line of defense with iptables and TCP wrappers running together. I keep the same systems listed in both because I was sick of it too. It took a couple of months of going through logs and blocking networks after a whois look up for me to get the attacks knocked down. I was getting about 150,000 hits a month of bogus login attempts.

I also chose to block all of China, Taiwan, Hong Kong, and a couple of other countries where most of the attacks are coming from. There has been some credible research suggesting that these attacks don't come from China for example. They are computers in China primarily compromised by crackers here in the US. I don't really care personally where or why. I was just sick of it. They don't have the education and expertise to lock down their systems. This is a shame but too bad. The best solution is to block them. Let me know if you need more help with an iptables script. I keep a separate blacklist file from the iptables script.

Don't get me wrong. I know where you're coming from. iptables is a pain in the neck to learn.

well, I don't mind using iptables I guess. So I will just use fail2ban with iptables. I know I can use firestarter as a GUI to iptables. Other than that, does anybody know of a good web article on iptables?