Over the weekend I have seen hundreds of smurf, syn and ack scans from an ip address that belongs to AOL. I have taken measures on my end to reduce the threat from this address but the scans are still proceeding.

I don't want to start attacking that address since it might just be kid (with no clue) running nmap. Does anyone have a "Nice way" to inform a potential attacker that I know who they are and they should stop their activities?