One recent reply to a kippo-attack complaint explained that the attacking ip is a TOR exit node.
Of course there is no way for us to find the real attacker when he/she is using TOR
for making this attack. Sad that this important service is abused in this way.
The system you have identified (cs-tor.bu.edu / 204.8.156.142) is an exit node on the Tor network. Tor is a distributed cryptographic anonymizing proxy service. The network traffic you detected was merely relayed through this system, and did not originate there. It is not possible to trace these connections back to their original source.