the person is a blue yonder cable customer.
their specific node is
82-36-113-183.cable.ubr03.king.blueyonder.co.uk.
the ports are (according to)
http://www.iana.org/assignments/port-numbers
sgi-esphttp 5554/tcp SGI ESP HTTP
ms-sql-s 1433/tcp Microsoft-SQL-Server
netbios-ssn 139/udp NETBIOS Session Service
# 6124-6140 Unassigned
commplex-link 5001/udp
rfe 5002/tcp radio free ethernet
rfe 5002/udp radio free ethernet
fmpro-internal 5003/tcp FileMaker, Inc. - Proprietary transport
fmpro-internal 5003/udp FileMaker, Inc. - Proprietary name binding
# Clay Maeckel <clay_maeckel@filemaker.com>
avt-profile-1 5004/tcp avt-profile-1
avt-profile-1 5004/udp avt-profile-1
avt-profile-2 5005/tcp avt-profile-2
microsoft-ds 445/tcp Microsoft-DS
microsoft-ds 445/udp Microsoft-DS
# 6124-6140 Unassigned
networklenss 3410/tcp NetworkLens SSL Event
networklenss 3410/udp NetworkLens SSL Event
For the SQL (1433) if it was only on this port I'd say it was the SQL slammer (or variant) worm,
the guy is looking to port 139 to try to find the name of your machine, simply the amount of services he/she/it is looking for, (even to the extent they are looking for services that don't have properly assigned ports) tells me that this is (most likely definitly) a hacker.
Your only course of action would be to report this to blue yonder...
Don't hope for too much luck though, I once reported a guy running hacking scripts against the webserver at the company I work for to BT (nslookup showed the address belonged to a BT customer) they simply emailed me back to say port scanning and running illicit scripts against a server isn't illegal, and there was nothing they could do, unless we could proove that one of their customers had actually hack our machines gained entry and either stole erased or oftherwise chaged data...
-from the UKs largest ISP I found that a shocking response.
