Is there a way to register failed ftp login passwords for Microsoft FTP server? I am seeing quite a few failed FTP login attempts in log files and am wondering what technique attackers are using. For example, guessing password which is similar to to username or simply going through dictionary. Do they start with the same password each time and stop after say trying 1000 times, or they are always using new passwords so there is a continuity in the passwords used.

Ideally record failed attempts to a database and review it for analysis.