Hi,
I bought a new HP All-In-One printer that is connected to my network and from time to time it does a Port scan to my computer. Instead of changing the default parameters, defining that this IP address is safe would be a better alternative.
I think that Intrusion Detection could be improved by allowing to establish a list of IP addresses that would be disregarded as Flooding or Port scanning.
Thanks,
~/gnfpt