I found this interesting article on securityfocus which explains how to use mrtg (a popular traffic monitor tool) to monitor intrusion attempts against a IIS 6.0 machine.

"But MRTG is also a very effective intrusion detection tool. The concept is simple: attacks often produce some kind of anomalous pattern and human brains are well-equipped to spot anomalous patterns, given some way to visualize those patterns. The MRTG does just that -- it gives you the big picture of your network traffic and it also slices it into different views, allowing you to see any counter trends for the last week, month, or year." - securityfocus

MRTG for Intrusion Detection with IIS 6