intensive scan

["docteurt () voila fr" <docteurt () VOILA FR>]

There is actually a blackhat who is scanning my firewall. I would like to know if someone here can identify what he is 
looking for, here is the trace of his scans :
from tcpdump :
10:20:46.784736 P <him>.3003 > <me>.56307: udp 8 (ttl 48, id 58711)
11:57:08.722110 P <him from another IP>.1144 > <me>.48010: udp 9 (ttl 117, id 33053)

The playload of his packets are :
0xff 0xff 0xff 0xff details 0x00
or
0xff 0xff 0xff 0xff ping 0x00

Thanks in advance for any help