over this last week my isp has been scanning my ports occasionaly..firewall
keeps popping up saying security type....port scan ..severity..minor...tonight it has ben really aggresive and had a few popups saying security type...active responce...severity...major..contactd them by phone and they say they aren't doing it and unless i had some very good software i couldnt tell if they where..then they said they can scan my ports if they choose to see if i am online but in the space of 25 minutes they have done it 19 times 5 of which has been seeking an active responce..i'm not sure what that is or why they are however i'm pretty sure they shouldnt be doing it
gave them these details and they are saying that its not them and that is just the details of my isp
i smell siht somewhere..is there anyone i can take this up with?
when i use who is the details i get is :

% This is the RIPE Whois server.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/ripencc/pub-services/db/copyright.html (http://www.ripe.net/ripencc/pub-services/db/copyright.html)
inetnum: 212.50.187.0 - 212.50.187.255
netname: ADSLPOOL-KCOM
country: GB
descr: Karoo Rapid dynamic pool
admin-c: KR2955-RIPE
tech-c: KR2955-RIPE
rev-srv: ibex.kcom.com
rev-srv: bison.kcom.com
remarks: infra-aw
status: ASSIGNED PA
notify: ripe@as12390.net (ripe@as12390.net)
mnt-by: KINGSTON-MNT
changed: gareth@nospam.ipnoc.kcom.com (gareth@nospam.ipnoc.kcom.com) 20031118
source: RIPE
route: 212.50.160.0/19
descr: KINGSTON-NET001
origin: AS12390
mnt-by: KINGSTON-MNT
changed: andrew@hilborne.com (andrew@hilborne.com) 19990518
source: RIPE
role: KINGSTON ROLE
address: Kingston Communications
address: Telephone House
address: Carr Lane
address: Kingston-upon-Hull
address: HU1 3RE
phone: +44 800 138 4858
fax-no: +44 113 384 2468
remarks: **********************************************
remarks: *** Do NOT send abuse reports to any other ***
remarks: *** address EXCEPT abuse@as12390.net (abuse@as12390.net) ***
remarks: **********************************************
e-mail: ripe@as12390.net (ripe@as12390.net)
trouble: Send ABUSE REPORTS to abuse@as12390.net (abuse@as12390.net)
admin-c: GW2558-RIPE
tech-c: GW2558-RIPE
nic-hdl: KR2955-RIPE
notify: ripe@as12390.net (ripe@as12390.net)
mnt-by: KINGSTON-MNT
changed: gareth@nospam.ipnoc.kcom.com (gareth@nospam.ipnoc.kcom.com) 20030919
source: RIPE

What I've learned from software firewalls is that you are better off disabling the alerts and enjoy the protection. Otherwise you get all fussed up about the information and there isn't a thing that you can do about it.
My ISP sometimes scan my ports to check if I'm running any servers as it is against the service agreement. It used to drive me nuts when the alerts would pop up when I used to use a software firewall. I quickly learned to disable the alerts and stop worrying about it.

Agreed, when I first connected to ADSL it drove me mad and 99/100 it was harmless stuff mainly isp scans. Though I am d/l a min of 1GB a day via BitTorrent which I am sure is against their user policy to use it so I could be on their hit list I guess. :)

I used to get that all the time on cable. It made me quite paranoid. Your ISP has a right to scan your ports, it's probably part of the user agreement. But after a year or two, you realize that you can just ignore it. As BlackDiamondJr posted, just turn off the alerts as they will eventually drive you crazy.