- Put a more stringent password policy in place.
- Audit the use of permissions and access so you know who is doing what.
- Make sure the core operating system and any applications are properly patched and up to date.
- If you're using Internet Information Services (IIS), make sure it's locked down and that the content it's serving isn't sensitive.
Security isn't a task that can be completed; it's an ongoing process without end. You need to be ever vigilant, though congratulations are in order for recognizing you need to take some steps to protect yourself.
If your server has been penetrated by an unwanted user, then the only surefire way to eliminate the threat is to format the hard disk of the server and re-install from scratch. As the old security tenet goes, "once the hacker has access to your machine, it's not your machine anymore."
This was first published in October 2006