I have some bozo running the Stick DOS tool on my network @ work trying to stuff the IDS so it falls over. Luckly we are using ISS and it will not allow Stick tool DOS traffic to stuff it's DB to the point it dies...

My problem is that the bozo is spoofing his IP address to 0.0.0.0 and I'm not good enough @ IDS/Security/Etc yet to track him down.

Any ideas on how to track him down?

Thanks!

Tfunk