Not sure if it's just me but since march 1st For a single server I've received ~125 "Large Number of Failed Login Attempts" alerts where the service being attacked was pure-ftpd. In that same timeframe there have been just 19 such alerts for all other services combined.
The attacks seemed to kick into high gear a couple weeks ago.
The attacks seemed to kick into high gear a couple weeks ago.