<div>
<div class="content wysiwyg-content">
ok, i have an IIS 6 server (windows server 2003) with about 5 web sites on it. &nbsp;<br />
<br />
I notice that when i turn ON write access to my sites, some turkish hacker hacks my site.<br />
<br />
When i turn off write access, I'm good to go.<br />
<br />
For now, we've been turning off and on write access when we need to update but that's getting old so I decided to chase my security problem.<br />
<br />
Where do I start?<br />
<br />
I've checked access logs, etc and my passwords are good and solid, but obviously something else is going on.<br />
<br />
any ideas?
</div>
</div>


ok, i have an IIS 6 server (windows server 2003) with about 5 web sites on it.  

I notice that when i turn ON write access to my sites, some turkish hacker hacks my site.

When i turn off write access, I'm good to go.

For now, we've been turning off and on write access when we need to update but that's getting old so I decided to chase my security problem.

Where do I start?

I've checked access logs, etc and my passwords are good and solid, but obviously something else is going on.

any ideas?

IIS 6 exploits

IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.