Hi all...
The bain of every network managers life - security on remote access!!!
I've got an FTP server access to this is port forwarded from my internet router to wingate - then redireced via Wingate itself. The contents of this FTP server are backed up every night. All users have a login of course. Ports 20 &21 are of course open.
It all works, and our staff are accessing this from home. I've created an event for this so I can keep tracking usage.
No suprise, when I look I see IP addresses from China, USA and other countries in there - all our users are soley UK based. Obviously the only security I have here are of course usernames and passwords.
Now, the only way to blackhole these IP addresses, is to go to the log, note the rogue IP address, and then type this into the blackhole list. Copy and paste does not work because the input box is a different format. I realise that I could have a full time job here in putting such addresses in - is there a quicker way to blackhole these? What other security could I put in place?
Thanks in advance.
Steve