However searching the vsftp.log i discovered that some ip tried and logon to my system as USER anonymus with no password and USER ftp with no password. However, these accounts leads to nowhere with no right, it quite dangerous for me.
Short of disabling the FTP server altogether, which I assume you don't want to do, there's not a lot you can do to prevent people trying to login anonymously. That doesn't mean they'll be successful of course :) If you know that legitimate FTP connections are only going to come from certain places, or are definitely /not/ going to come from certain places, you can use TCP wrappers to allow and deny access. By default vsftpd runs from [x]inetd, I don't know about xinetd, but inetd will be setup to use tcpd. Read man hosts.allow and man hosts.deny to see how to craft allow and deny rules. -- James Ogley, Webmaster, Rubber Turnip james@rubberturnip.org.uk http://www.rubberturnip.org.uk Jabber: riggwelter@myjabber.net Using Free Software since 1994, running GNU/Linux (SuSE 9.0) GNOME updates for SuSE: http://www.usr-local-bin.org