All is quiet on the Western front.
In the past two days I've found and fallen in love with an ISO-Linux distro called Phlak. It is security oriented, and has a number of really nice tools in it. Next time we get hacked, this will be a very nice thing to have handy when it comes time to figure out what the heck the barsterds did to the server.
Due to the wonders of Virtual PC, I've set up a WinXP station that I can monitor from boot to shutoff. This is being useful, as I'm monitoring the scanning attempts on it from non WWU networks. So far the most interesting thing to happen was about 30 minutes ago, the same folks who compromised that server last week made another scan of our network. Useful to know.