What kind of ftp attack is this?

[sedwards () sedwards com]

The following is an extract from a Solaris 2.5 (SunOS 5.5.1) box running
ftpd wu-2.4.2-academ[BETA-13](1).

The IP address appears to be a host in Romainia.

Is this a "well known signature" of a port scanning attack or ???

> Mar 24 13:51:34 strip ftpd[2699]: refused PORT 0,1328 from 193.226.92.xxx
> Mar 24 13:51:49 strip ftpd[2703]: refused PORT 0,1331 from 193.226.92.xxx
> Mar 24 14:37:06 strip ftpd[2835]: refused PORT 0,1344 from 193.226.92.xxx
> Mar 24 15:09:59 strip ftpd[2918]: refused PORT 0,1030 from 193.226.92.xxx
> Mar 24 15:10:14 strip ftpd[2922]: refused PORT 0,1034 from 193.226.92.xxx
> Mar 24 15:19:15 strip ftpd[2966]: refused PORT 0,1043 from 193.226.92.xxx
> Mar 24 15:19:31 strip ftpd[2968]: refused PORT 0,1046 from 193.226.92.xxx
> Mar 24 15:25:48 strip ftpd[2992]: refused PORT 0,1052 from 193.226.92.xxx
> Mar 24 15:26:04 strip ftpd[2994]: refused PORT 0,1055 from 193.226.92.xxx
> Mar 24 15:31:48 strip ftpd[3024]: refused PORT 0,1062 from 193.226.92.xxx
> Mar 24 15:32:08 strip ftpd[3027]: refused PORT 0,1065 from 193.226.92.xxx
> Mar 24 15:34:24 strip ftpd[3039]: refused PORT 0,1070 from 193.226.92.xxx
> Mar 24 15:34:49 strip ftpd[3045]: refused PORT 0,1073 from 193.226.92.xxx
> Mar 24 21:12:37 strip ftpd[4476]: refused PORT 0,1337 from 193.226.92.xxx
> Mar 24 21:12:55 strip ftpd[4478]: refused PORT 0,1341 from 193.226.92.xxx
> Mar 24 21:20:51 strip ftpd[4507]: refused PORT 0,1350 from 193.226.92.xxx
> Mar 24 21:21:09 strip ftpd[4509]: refused PORT 0,1353 from 193.226.92.xxx

Thanks in advance,
------------------------------------------------------------------------
Steve Edwards      sedwards () sedwards com      Voice: +1-760-723-2727 PST
Newline            Pager: +1-760-740-1220           Fax: +1-760-731-3000