we get lots of port scans, lots of IIS exploits, people looking for proxys, attempts to exploit our services (ftp, mail, ssh, dns). a good chunck of it is bad routing (or at least that is what i think). some comes from inside the uofa network but most comes from europe, aol, and a isp in texas. -- disclaimer: in my world spelling punctuation and caps are optional. ; )