Comment 2 for bug 981334

there are other weird things that I still can not understand if you can be traced to the first capture is a proficient direction. br I'm implementing some security tools included in BackTrack here WireShark and I connect my device following connection generated approx 50 IP's related lines of Google, Ubuntu and Facebook but then some of them called me a lot of attention because it started with SSH:

48 94.183967 201.253.81.212 AQUI_VA_MI_IP TCP 68 50857 > ssh-mgmt [SYN] Seq=0 Win=8192 Len=0 MSS=1452 WS=256 SACK_PERM=1
49 95.873940 201.253.81.212 AQUI_VA_MI_IP TCP 68 50857 > ssh-mgmt [SYN] Seq=0 Win=8192 Len=0 MSS=1452 WS=256 SACK_PERM=1
50 101.924839 201.253.81.212 AQUI_VA_MI_IP TCP 64 50857 > ssh-mgmt [SYN] Seq=0 Win=8192 Len=0 MSS=1452 SACK_PERM=1
CAMBIO
51 103.204864 201.3.66.43 AQUI_VA_MI_IP TCP 68 52985 > 26914 [SYN] Seq=0 Win=8192 Len=0 MSS=1452 WS=256 SACK_PERM=1
52 106.223707 201.3.66.43 AQUI_VA_MI_IP TCP 68 52985 > 26914 [SYN] Seq=0 Win=8192 Len=0 MSS=1452 WS=256 SACK_PERM=1

Analyzing these IP's I see that I have this:
201.253.81.212 Argentina Buenos Aires Apolo -gold-telecom-per Aseguramiento de Datos
201.3.66.43 Brazil Comite Gestor Da Internet No Brasil Brasil Telecom S/A - Filial Distrito Federal

This having everything closed without chat, browsers, update manager and nothing more ...
Then two lines of Google
Three more lines

55 113.313488 201.3.66.43 AQUI_VA_MI_IP TCP 64 52985 > 26914 [SYN] Seq=0 Win=8192 Len=0 MSS=1452 SACK_PERM=1
201.3.66.43

Why might this be happening? here after you have closed the ports as I said Andres Mujica and by testing from the outside are actually closed, but when connecting to Internet servers connected to Argentina and Brazil and the start of the thread was that I received an invitation from Brazil.

Additionally solved a problem (bug) that had long permissions on my / home: P

Any help and / or suggestions?