It could be as simple as this in the top of Application.cfc:
<cfif Left(cgi.REMOTE_ADDR, 7) EQ "125.116">
<cfabort/>
</cfif>
You can play with checking patterns and achieve some acceptable results.
But still, I would recommend to handle it at web-server level for better efficiency. I don't know much about advanced IIS stuff, but extensions like Dynamic IP Restictions may work for you.