I have a bot attacking my FTP server, is there anything built into virtualmin to block the IP or do I have edit my IP tables?
I use webmin’s linux firewall to block a range of ip’s abusing services on my box. I also use fail2ban to watch failed login attempts against ftp, apache, and other services you can monitor.
As jaldeguer mentioned, the thing “built into Virtualmin” is the Linux Firewall module. It’s a comprehensive UI for iptables.
You might also experiment with some variant of the example rules that Leif posted a while back to reduce SSH brute force attacks. The principle is the same, regardless of protocol (assuming the protocol is not stateless), and I believe FTP is a connection oriented protocol, so should work the same way.
Here’s the thread about those rules:
http://www.virtualmin.com/index.php?option=com_fireboard&Itemid=77&func=view&id=2870&catid=8#2870
(You’d do it for port 21 and 20 for FTP, instead of 22.)