Right, I forgot to mention that. Most of the attacks are the result of web-aware viruses which attempt to auto-exploit known bugs in web server software. We're still seeing Nimda and Code Red attempts against our server on a constant basis. This means that each of those attacking sites is infected with the virus and the machine operator doesn't know they are infected.