Kerio Connect security log contains the list of events, which represent a threat to the system. It would be great to be able automatically block IP addresses from security log. Should be not too hard to implement also, as all elements are in place already, it only requires something like:
- Create IP list populated automatically with IP addresses from security log, add counter for every IP occurrence and blocked status flag;
- Add a section to Security/security policy page, for example named “Automatic blocking”;
- Implement controls to this section (enable, number of occurrences in the log before blocking (1-10), view list, edit list, etc.)
- Check incoming connections against the list and block if flag is up.
Such feature will permit to block out all these annoying hacking attempts automatically. Please vote!