My good friend Tom Byrnes has conceived and created a blocker list service that is distributed via DNS as a feed. These threat feeds are built from several sources including the Internet Storm Center - DSHEILD, TQM3, and subscribers voluntarily submitted log files. This provides a user with a listing of the major threats that have risen above the “noise” on the net. Unlike a LAN based IDS/IPS, each bad player is identified by several sources instead one, which significantly reduces the chance of a false positive. This service is known as ThreatSTOP (http://www.threatstop.com)
Implementing ThreatSTOP is extremely easy to get up and running on specific firewall platform.