A little while ago, the network sysadmin started thinking more about security. I think the incident with the Storm Worm got him a little worried. He really took to the firewall and started locking it down. One night, I performed a port scan of our firewall from home. I was a little surprised at what came back. One of the open ports was FTP, 21. I suggested we shut down the FTP server. It doesn't get used. Well, it does, but once in a blue moon. We don't allow attachments larger than 10 megs through the firewall. So, if a vendor needs to get us a file, we create a temporary user on the firewall, and let them upload it. The reverse happens when one of our users needs to get a big file to a vendor. Since this happens maybe 5-6 times a year, I suggested we turn off FTP, and start it as needed.
The decision was "no."
The other day, the network admin was scanning the ftp logs. The FTP server is getting attacked brutally. Each log has thousands upon thousands of brute-force login attempts.
I still say we should turn off FTP, but the answer is still "no."