On top of the SAN being down right now, we’re dealing with being hacked (separate issues). Not a huge hack, but a hack nonetheless.

Here are some documents I’m circulating internally to help with awareness:

Securing Public Web Servers
Responding to Intrusions
Configure the Web server to use authentication and encryption technologies, where required
Protect your Web server against common attacks
Maintain the authoritative copy of your Web site content on a secure host

At one time certain US organizations (NSA? CIA? FBI?) had published guides on “Securing Internet Information Server” and that type of thing. Anyone remember that? Are they still around?