Removing a service because of abuse is a stupid idea. Think about what the person who is doing the bombing wants: possibilities: 1) it wants to harass the machine, and limit its bandwidth by spamming it with several connections. solution: Contact his system administrator, I am sure he doesn't appreciate the huge waste of bandwidth either. If he doesn't resolve the situation, add an entry in hosts.deny. 2) it has no life, and wants to know when someone logs in at absolutely the earliest possible time. Perhaps this person is illiterate to the idea of system administration, and doesn't realize this is a huge pain in the ass. Write to the user and ask him to desist. If this fails, assume #1. 3) someone else is trying to get the user in trouble by harassing someone else. Uhhh...I'd still assume #1, and let the other admin sort out the details. IF it is the Admin who is performing this, then perhaps #2 is the case (an admin who has no clue in system administration???, believe it, it occurs more often than not.). Why should someone have to limit services to their users for the act of another? aot