Security Incidents mailing list archives

Re: IIS web server hacked..any tips?


From: Ron <iago () valhallalegends com>
Date: Thu, 16 Dec 2004 15:29:05 -0600

That's like saying, "1 in 10 people is mentally insane, so look at the next 9 people you see: if they seem ok, you're the 1". The fallacy is in assuming that, because the number of compromised machines is (say, for the sake of argument) 50%, then if you have 1000 networks of 10 machines, each of the networks has 5 compromised machines. It's far more likely that 500 of the networks have everything compromised, and 500 of the networks have nothing.

To summarize: You can't say that every network is a microcosm of the Internet. The ones that are very bad skew the statistics.

Given that some estimates have anywhere from 60 million to 100 million zombies
out there, and other estimates have 50%-90% of systems infected with spyware, if
your organization has more than a half-dozen PC's, there's a good chance
there's at least one zombie inside already.

