Did you preserve the MAC times from the virtual
directory, as well as the DLL you found? You could
use those to track back activity, based on whatever
logging (EventLog, IIS web logs, etc) that you find
suspicious activity in. Since you say you only allow
port 443 access, that may rule out directo...
directory, as well as the DLL you found? You could
use those to track back activity, based on whatever
logging (EventLog, IIS web logs, etc) that you find
suspicious activity in. Since you say you only allow
port 443 access, that may rule out directo...
[ more ]