You need not to block the specific IPs, rather configure the screen feature to prevent such attacks. see the below KB for more details:
https://kb.juniper.net/InfoCenter/index?page=content&id=KB4821&actp=search
Best practice is, Configure specific rules to allow only legitimate traffic from Untrust to internal zones, Rules should be specific to the IP,s ports and the service. Once allow rules are configured then deny all other traffic from Untrust to the internal zones.
Thanks,
Vikas