I probably set these settings to low, as I see daily numerous port scans from various IP, but often from an IP range that is my ISP. Does anyone else use this and what are the settings you use. I believe I set it to 10 ports before classifying it as an "attack". Is this too low?