OMG!Attacked by TCP port scan

i was attacked in half an hour ago.(and also,fragmented ip packs were received)
log1
Date/Time :2008-03-22 13:18:18
Severity :High
Reporter :Network Monitor
Description: TCP Port Scan
Attacker: 38.107.161.148
Ports: 40210, 22281, 22025, 61448, 40456, 37640, 28168, 21768, 11528, 7944, 45319, 33031, 9990, 5894, 60165, 59653, 54533, 8197, 43780, 41732, 28420, 1043, 61458, 53010, 49170, 61373, 65535, 56287, 57343, 63485, 65535, 64488, 65535, 64438, 65535, 57290, 65535, 65007, 65535, 49147, 65535, 49134, 65535, 65260, 65535, 60351, 65535, 65511, 65023, 65533
The attacker has been temporarily blocked
log
2
Date/Time :2008-03-22 13:08:47
Severity :High
Reporter :Network Monitor
Description: TCP Port Scan
Attacker: 72.172.90.75
Ports: 40210, 22281, 22025, 61448, 40456, 37640, 28168, 21768, 11528, 7944, 45319, 33031, 9990, 5894, 60165, 59653, 54533, 8197, 43780, 41732, 28420, 1043, 61458, 53010, 49170, 2002, 49150, 57584, 33290, 57544, 33290, 0, 0, 8, 10, 0, 0, 12400, 33284, 12400, 33284, 0, 0, 0, 0, 0, 0, 0, 0, 0
The attacker has been temporarily blocked

38.107.161.148 Comes from PSI (Performance Systems International Inc. in Washington DC. But i don’t think you have any reason to worry since CFP did block these attempts. Then again im not a super duper tech like most others. But these attempts were blocked which is good.

what did you do that makes this PSI attack you? ???

but how about that 72.172.90.75 ?
and i think thats a hacker using fake ip.i know that some tools can be used to change the ip adress into a fake one

this is all i could find for the other IP

IP address: 72.172.90.75
Reverse DNS: 75.90.172.72.in-addr.arpa.
Reverse DNS authenticity: [Could be forged: hostname 75.90.172.72.in-addr.arpa. does not exist]
ASN: 0
ASN Name: IANA-RSVD-0
IP range connectivity: 0
Registrar (per ASN): Unknown
Country (per IP registrar): US [United States]
Country Currency: USD [United States Dollars]
Country IP Range: 72.172.64.0 to 72.172.95.255
Country fraud profile: Normal
City (per outside source): Encino, California

now it says Reverse DNS authenticity: [Could be forged: hostname 75.90.172.72.in-addr.arpa. does not exist] Which to me looks suspicious. But i cant be 100% sure on that.

Were you running a torrent or other P2P type application at the time?

Ok i found where 72.172.90.75 came from

Address: 16060 Ventura Blvd Suite 105-211
City: Encino
StateProv: CA
PostalCode: 91436
Country: US

Seems to be all businesses at that address

is that log by Comodo Firewall?