There's no way to tell for sure if the person behind that ip is actually the one that attacked you. For instance, he could've been hacked himself, and someone could be probing you trough his ip. Either way, he has a security problem - his ISP knows this kind of stuff, they'll act according their rules of conduct.

Furthermore, I don't know how sophisticated Norton PF is: does it actually check for inbound NetBus data or does it just monitor and block port 12345? If the latter is the case, someone was probably just portscanning.