05-04-2010, 11:04 PM
The reason I put my customized server in front of Astaro is because I can easily block some IP addresses permanently and automatically. For Astaro, I need to add them manually. However, Astaro is the best UTM I have tried so far and I want virus scan feature to protect my DMZ and LAN.
For "hn.kd.ny.adsl", I think it's not so easy to block. First, it changed IP often. Putting IP address there is not efficient. Second, it tried not only port scan but also all kind of attacks for emails, spam, web and Brute force attack. I want to block it without providing any service.
Any better idea?