NT Logon Security Auditing (Part II)

I guess what I should have asked was if there is a program that can tell me who is trying to hack into a server.
I get this info:

Logon Failure:
Reason: Unknown user name or bad password
User Name: Robert
Domain: DOUG.COM (sometimes RLD)
Logon Type: 3
Logon Process: NtLmSsp Authentication Package:MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Workstation Name:\\DOUG

This IS NOT a machine on my network.
This IS NOT a user on my network.

The Workstation hame: \\DOUG does me no good. I need to get an IP address instead.
Any ideas?