if you insist on trying the ports ....telnet to port 110 to see what kind of server is running (= brand name + ver.) personally i prefer netcat "echo quit |nc -vv -n <ipaddy> 110". BTW what your port scanner tells you is running there is not necessarly the case. it's kind of a canned response to finding that port open. check for any exploits for the server you find that allow you to run code...spawn a shell, drop a trojan etc.

when you've finnished banging your head against the wall with all the DoS utilities you find, install the latest version of nmap w/winPcap and find out exactly what the exterior interface consists of. or at least what TTL does a ping return?