As I type, 2300 new botnet addresses have gone onto our servers' firewall rulesets since midnight, nearly all from attempted attacks on the same website (ramtops' personal site, FWIW; yesterday it was mostly Newswireless).

I suppose they don't actually do that much harm as such, and it's a handy way to harvest compromised IP addresses, but it's still a PITA. Can't help wondering how many sites there still are out there vulnerable to that SQL injection attack.