Good point! Disablement of IIS would cause a red flag pretty quickly, although you may have enough time to sploit the crap out of everything you find to create more backdoors before you turn it back on....

[ more ]