Spoofing

to look up the sender's IP address, the four numbers separated by dots in the Received line. For argument's sake, let's say that the sender's IP address is 555.666.777.888. At Windows command prompt (Start, Programs, Accessories, Command Prompt) type:

Nslookup 555.666.777.888

This will likely tell you the name of their SMTP server. Another tool you can use is …

Tracert 555.666.777.888

… which shows the network route from your computer to the IP address indicated. Look for suspicious server names or clues to geographical locations (e.g., SFO for San Francisco). Again, you're looking for discontinuities. (Don't be surprised if the spoofer does some Internet magic to make the IP address useless to you, though.)

You can continue with this sort of detective work up through the different Received fields. If you are lucky you can track down the ISP of the true sender and at least get them kicked off their ISP.

Thanks viper

problem is when the attack occurs the first octec is the same the others are different ..random for each attack(denial of service
attacks.) thing is i host a dedicated game server and this is the port he attacks. and by the looks of my "block log file" hes a real newbie after attacking the port to witch i run the game on (maybe 20-30x)he will try on other various ports. well its a good thing my systems locked down-(tcp/ip stacks) so as my router/firewall log fills up ill keep looking for a way to track the lamer down.. anyother info/help you can give ?
thanks again

None that I can think of, If I find out anything I'll post back. Sorry I couldn't be more help.

its all good

thanks for your time : )

Na, I play a few games but not much into it anymore. Thanks though I appreciate it.