When I ran my site on my own box, I would look at the logs and see all these attempts for IIS exploits. So I'd look at the IP and send em a message. Good fun...