"I just thought of a feature that would be very useful when
configuring filters, whether it be Cisco ACL's or Linux iptables or
whatever. It would be helpful to be able to give a rule a time to
live value. Probably defined in seconds. Here's why I say this. As
a system administrator at an ISP, we see attacks on our customers
and ourselves constantly. Just a little bit ago I got a complaint
from one customer who had logged someone trying to make an ssh
connection. I don't see any more traffic from the offending IP
right now. My suspicion is that it was a probe for a vulnerability,
probably automated. What am I going to do about it? Nothing.
Filling the Cisco or firewall with rules blocking individual IP's
creates an administrative nightmare..."
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.