There is a way to disable any new login attempts into a
system. This can be achieved by simply creating a file
called /etc/nologin.
It can have a null file size or a message can be
placed into the file informing the status of the
system. If a user attempts to login remotely, a
message will display with contents of the
/etc/nologin file, and then disconnect the user.
However, ftp connections are not affected by this, if
ftpd is running.
NOTE: All tips provided are USE AT YOUR OWN RISK. Tips are submitted
by various unix admins around the globe. UGU suggest you read and
test each tip in a non-volitile environment before placing into
production.