I found this interesting article on securityfocus which explains how to use mrtg (a popular traffic monitor tool) to
monitor intrusion attempts against a IIS 6.0 machine.
"But MRTG is also a very effective intrusion detection tool. The
concept is simple: attacks often produce some kind of anomalous pattern
and human brains are well-equipped to spot anomalous patterns, given
some way to visualize those patterns. The MRTG does just that — it
gives you the big picture of your network traffic and it also slices it
into different views, allowing you to see any counter trends for the
last week, month, or year." – securityfocus
