I've got Firestarter Firewall set up on my Ubuntu machine. Today, I looked in the logs and found the following blocked connections:

Code:
Time:Jul 12 14:24:02 Direction: Unknown In:eth0 Out: Port:38354 Source:APuteaux-152-1-26-228.w82-120.abo.wanadoo.fr Destination:192.168.1.62 Length:40 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jul 12 15:25:22 Direction: Unknown In:eth0 Out: Port:38354 Source:81.248.204.182 Destination:192.168.1.62 Length:40 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jul 12 15:53:02 Direction: Unknown In:eth0 Out: Port:38354 Source:84.4.25.127 Destination:192.168.1.62 Length:40 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jul 12 16:17:13 Direction: Unknown In:eth0 Out: Port:38354 Source:82.230.155.139 Destination:192.168.1.62 Length:40 TOS:0x00 Protocol:TCP Service:Unknown

It appears as if 4 different IP addresses have tried to connect to my computer? All of which I do not recognise. This makes me worry about my security. I have an NFS share, but I've only allowed incoming connections from my Kubuntu computer. I've put in the line 'ALL:ALL' in the hosts.deny file.
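An added example, not part of the original thread: a short Python triage script for log entries in the format posted above. It groups blocked packets by protocol and destination port to show how many distinct sources hit each port; the sample entries are constructed (documentation addresses and hostnames), and reading Length as the IP total length is an assumption.

```python
import re
from collections import defaultdict

# Field names as they appear in the Firestarter entries quoted above.
KEYS = ("Time", "Direction", "In", "Out", "Port", "Source",
        "Destination", "Length", "TOS", "Protocol", "Service")
KEY_RE = re.compile(r"\b(" + "|".join(KEYS) + r"):")

def parse_entries(text):
    """Split run-together 'Key:value' text into one dict per log entry."""
    parts = KEY_RE.split(text)[1:]        # [key, value, key, value, ...]
    entries, current = [], {}
    for key, value in zip(parts[0::2], parts[1::2]):
        if key == "Time" and current:     # "Time:" opens a new entry
            entries.append(current)
            current = {}
        current[key] = value.strip()      # empty fields (e.g. Out:) become ""
    if current:
        entries.append(current)
    return entries

def summarise(entries):
    """Group blocked packets by (protocol, destination port)."""
    groups = defaultdict(lambda: {"count": 0, "sources": set(), "lengths": set()})
    for e in entries:
        g = groups[(e["Protocol"], int(e["Port"]))]
        g["count"] += 1
        g["sources"].add(e["Source"])
        # Assumption: Length is the IP total length, so 40 would mean a
        # 20-byte IPv4 header plus a 20-byte TCP header and no payload.
        g["lengths"].add(int(e["Length"]))
    return dict(groups)

def entry(time, port, source, length, proto):
    """Build one constructed sample entry in the posted field order."""
    return (f"Time:{time} Direction: Unknown In:eth0 Out: Port:{port} "
            f"Source:{source} Destination:192.168.1.62 Length:{length} "
            f"TOS:0x00 Protocol:{proto} Service:Unknown ")

# Constructed sample data, not the poster's log.
SAMPLE = (entry("Jul 12 14:24:02", 38354, "host-a.example.net", 40, "TCP")
          + entry("Jul 12 15:25:22", 38354, "192.0.2.10", 40, "TCP")
          + entry("Jul 12 15:53:02", 38354, "198.51.100.7", 40, "TCP")
          + entry("Jul 12 16:02:41", 1434, "203.0.113.5", 404, "UDP"))

if __name__ == "__main__":
    for (proto, port), g in sorted(summarise(parse_entries(SAMPLE)).items()):
        print(f"{proto}/{port}: {g['count']} packets from "
              f"{len(g['sources'])} sources, lengths {sorted(g['lengths'])}")
```
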
81.248.204.182 AStDenis-101-1-8-182.w81-248.abo.wanadoo.fr. [France [City: St. Denis, RéUnion] ]
84.4.25.127 No PTR records exist for 84.4.25.127. [France]
82.230.155.139 vit94-4-82-230-155-139.fbx.proxad.net [France again]

Have you said anything nasty about the French recently? lol
Standard Reverse DNS query [DNS Stuff has a nice web GUI]. It can't be held as reliable... as if you rev-dns me it comes up with Manchester [England], I'm in Scotland! lol
LOL I don't know whether to be worried or not? I wonder if the hackers (if that's what they are) were expecting a Windows machine or not? What damage could they cause to my Linux box if they got past the firewall? Could they browse my home folder for example (which is shared via NFS, but only to a specific IP address)?
If you're talking about 'hacker' as in the dangerous-evil law breaking nasty guys... you're talking about crackers. To exploit anything, it needs to have a vulnerability. Nothing will be getting past your router's firewall (NAT) unless port forwarding is set, or it's vulnerable (but most run Linux AND auto update.... so what are the chances?) and I doubt either of your machines are vulnerable either. I wouldn't worry... Just keep your computers patched and you'll be fine. The chances of somebody with an unknown zero-day picking on you are remote.