I do not allow any incoming connections on my outside (public) interface. I see a lot of 'Deny tcp src.....' on my outside interface, this is fine and my acl is working.
Is there any benefit if I shun an attacking IP address, against a 'deny any any' access list?