Auto Blocking IP's based on rules / policy / triggers.
I spend my mornings checking who has tried to hack us - when I see IP's that have been trying for hours / days I add their IP to my block-list.
This is now getting too time consuming to manage. Can we not have an auto block to any IP's that continually try to hack us. Maybe we can set some thresholds that when any IP triggers they get an auto block. But going forward I think this is a must.
I am sure my lfd on my Linux web server auto blocks hack attempts. Would love my Smoothwall to do the same :)
Alex St. Pierre commented
We can receive alerts of an excessive of connections to a particular ip. It would be nice if we could do a temporary block on the offending attackers ip. And then have the ability to also whitelist a known IP for good traffic.