Good day, question of slight concern, recently in the logs theirs been allot of sessions open and closed on the proftpd under the user of "ntml", which shouldn't/doesn't exist. Each attempt is from a different IP address location.
Any suggestions on what it could be, and how best to block this?
Any suggestions on what it could be, and how best to block this?