I'm reluctant to fire back too hard for fear of collateral damage. The original attack came from a technical school in Eastern Europe. The attacks stopped after I contacted abuse@... It wouldn't make my day if somebody nuked servers at my day job because one fo the kiddies had been cracked.
I just did a whois <REMOTE_ADDR> for the 4 attacks in the past 9 days. I didn't get many clear targets. One IP# is pretty clearly a web hotel..
I haven't been as good as I should be about following up w/ abuse complaints...