http://blogs.msdn.com/carlosag/archive/2009/06/24/finding-malware-using-iis-seo-toolkit.aspxThe other day a friend of mine who owns a Web site asked me to look at his Web site to see if I could spot anything weird since according to his Web Hosting provider it was being flagged as malware infected by Google. My friend (who is not technical aten-USCommunityServer 2.1 SP1 (Build: 61025.2)http://blogs.msdn.com/carlosag/archive/2009/06/24/finding-malware-using-iis-seo-toolkit.aspx#9800751Wed, 24 Jun 2009 06:26:02 GMT91d46819-8472-40ad-a661-2c78acb4018c:9800751frymaster<p>An important point, worth repeating - while people, quite rightly, say that consumer linux is pretty safe from viruses, because noone bothers to write them, the same is NOT true of exploits and intrusion attempts. &nbsp;For obvious reasons, various versions of linux are targeted, either by trying to brute-force passwords or by exploiting weaknesses in common services. &nbsp;And once you have user-level access to a server, chances are you _will_ be able to turn that into root access. &nbsp;I'm on the security mailing list for the distro of linux my server runs on, and escalation attack fixes are not uncommon. &nbsp;Whichever OS a server uses, it needs to be hardened and locked down, and unnecessary services stopped. &nbsp;There is no OS capable of being used for servers that can remain resiliant in the case of careless adminning, though different kinds have different mitigation strategies</p> http://blogs.msdn.com/carlosag/archive/2009/06/24/finding-malware-using-iis-seo-toolkit.aspx#9804131Thu, 25 Jun 2009 22:34:35 GMT91d46819-8472-40ad-a661-2c78acb4018c:9804131ntulip<p>nice - 1st - i had no idea there was an iis seo toolkit - &nbsp;so thank for that.</p>