[ale] possible hack attempt?

[smn]

I saw this in my /var/log/messages:
Dec  1 12:00:51 smnolde portmap[18350]: connect from 203.251.180.252 to
dump(): request from unauthorized host

And in /var/log/secure:
Dec  1 12:00:34 smnolde in.telnetd[18347]: refused connect from
bbs.tntnet.co.kr
Dec  1 12:00:34 smnolde in.ftpd[18348]: refused connect from
bbs.tntnet.co.kr
Dec  1 12:00:38 smnolde in.telnetd[18349]: refused connect from
bbs.tntnet.co.kr
Dec  1 12:00:52 smnolde in.ftpd[18351]: refused connect from
bbs.tntnet.co.kr
Dec  1 12:00:53 smnolde in.ftpd[18352]: refused connect from
bbs.tntnet.co.kr

I had his domain .kr in my hosts.deny file so tcp wrappers did it's job
(I hope!).  Has anyone else seen this guy?  Telnetting to him shows ZIP
BBS server.  Anyone know about this?

- Scott