can/should

As a new firewall admin I have a question for the white hats. I log port scans and do a whois to locate the ISP that owns the ip address. My questions is what else
can/should be done. I have no other reason to believe they got through or committed any crime. What else are you guys doing? I hope this is not to far off topic.

Barry S. Hudson
Network Systems Manager
Fredericksburg Savings Bank
www.fsbnk.com
Business Email - bhudson_at_fsbnk.com
All Other Email - barryhudson_at_compuserve.com

This email is intended for the addressee only. The material may be privileged and confidential information. If you have received this email in error, please notify me immediately by email and delete the original. Thank you.
Received on May 23 2000