My opinion is that it isn't worth the time to block specific IPs. They usually change. And if they're hammering away at invalid usernames, they're not going to make any headway.
I bump up the login lockout time to 30 days and leave it alone. I don't even bother with email alerts of failed logins.