thats pretty good--
what sys are you using?
do you have any active firewall in which you could disable a block of ips or so? comes handy to just block the whole t-dialin block or like i do it: dynamically put the ips from where scans/ attack origin in the hosts.deny -file... you cant do better, no more attacs from that ip for ever )