Just curious but was it the fact they where trying to get through a SSH tunnel they could not get access?
Yeah, that was a red flag. I run my own server for giggles. Nothing serious. But I had a TON of brute force hack attempts on my server. We even got hacked a few times at work (we're small, I help out doing sysadmin there as well) because of brute force attacks & a weak password.
Anyway, so one of the countermeasures I took was to move my SSH port WAY up into the nonstandard port range. Since I've done that, my hack attempts (at least those...I still get a lot of web overflow attempts) have dropped off to almost 0. I'd say I'm lucky if I get 3 unknown connections a year now.
So, the fact that a) it was a GET request on something nowhere NEAR a standard web port raised flag #1, and b) the fact that it was for
www.google.com raised flag #2.
Oh, and this showed up on Slashdot today. Made me wonder if it was something like this.
http://slashdot.org/article.pl?sid=07/11/18/1824230
