Denial of service attacks

I've had two major denial of service attacks from the address 12.3.89.21 and I backtraced it to this whois:
Institute for International Research INSTITINTREASEA-890 (NET-12-3-89-0-1) 12.3.89.0 - 12.3.89.127
Anyone have any idea who this is? I blocked it but it tried the second time a minute later. This is my first attach that reached my second firewall.
Thanks

 

Hi olopbob

Do you have any sample log entries (include protocol, source port/IP, destination port/IP (just xxx out your public IP) that might give us a better idea of what you are seeing?

Second firewall? Perhaps a little more info your set up might help as well.

Regards,

CrazyM

 

This attack made unlucky 13 hops to me, all through ATT.net except for three through my ISP. It's protocol was TCP, source IP 12.3.89.21 , destination IP 12.223.43.xx. I have XP firewall and Vcom Netdefense which caught it stopped it and denied access to all traffic until I read log and blocked IP.

 

Crazy M, forgot my security setup:
Webroot; spysweeper,window washer
Lavasoft; ad-aware
spyblocker and spyware stopper
spybot s/d
V-com systemsuite 5 with netdefense firewall and email scanner

 

You did not mention source and destination ports or how many. It is unlikely what you experienced was a DOS attack, but full log details may help us determine what you saw.

Regards,

CrazyM