1 of 1 people found this helpful
There is no way to figure out the intention of a packet given this audit message. I don't understand how someone could use that IP in a 'hack', as it's a network address and is not routable. Whatever the intention was, your firewall blocked the connection.
What's funny is I googled that address and found this posting. There is not much else.
I can tell you that I have not seen an attack like this before, and as Sam said, it is not even a routable address.
Was this a one time occurance? If it continues to happen, it might be interesting to capture this in a raw tcpdump.