IIS HACKS

It is estimated that over 500,000 IIS ( Internet Information Server ) servers have been hacked in the last week. Last week the U.N. website was hacked along with approximately 10,000 other U.N. based servers. Google helped with the estimation by searching for the URL that the hackers were re-routing traffic to. The meta-refresh was embedded in the web server’s pages. SQL injection seems to be the culprit.

Microsoft said that multiple reports are coming in about various IIS attacks, but no patches have been issued. At first they thought it was related to a recent issue, but they aren’t sure. One easy, and cheap solution is to build a Linux firewall to help protect your Windows IIS server from being hacked. “Microsoft is currently aware of and is receiving reports regarding public claims of attacks on IIS Web servers,” said Bill Sisk, a security response manager at Microsoft.