IIS 5 & IIS 6
IIS atack every day
Re: IIS atack every day
Mar 09, 2007 02:30 AM|steve schofield|LINK
If I understand your reply, the attack comes on port 80 (HTTP) type requests. If that is the case and you have logging enabled. You'll have a record of the request in the logs. This appears to be someone running a robot scanning your network. If you
accept all requests for an ip address, these types of attacks are common. One way to minimize robot type attacks is to use host-headers exclusively.
List of all fields available to be logged.
Windows Server MVP - IIS
Log archival solution
Install, Configure, Forget