My post will not get as much press as Slashdot, but here are some postings from sources at MS, including Bill Staples, on the SQL injection attacks that help clarify things.
http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx (Sample ASP debugging code)
Here is a post on forums.iis.net about this topic:
http://forums.iis.net/t/1148917.aspx?PageIndex=1
For those who want to use Log Parser to check your IIS logs for signs that you've been hit, here are a few Log Parser examples.
'This will find all web pages that had SQL injection. You can change the text between the % signs to look for a different string.
logparser -i:iisw3c "select date,time,cs-uri-stem,cs-uri-query from <example.com> where cs-uri-query like '%CAST%'" -o:csv
'This will give you the first time your site was hit, if applicable.
logparser -i:iisw3c "select date,time,cs-uri-stem,cs-uri-query from <example.com> where cs-uri-query like '%1.js%'" -o:csv
'Download Log Parser 2.2
http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1287
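For hosts where Log Parser is not installed, the same check can be run with a short script. This is an added example, not code from the original post or from Microsoft; it goes beyond the queries above by URL-decoding the query string and ignoring case before matching. The sample log lines, the function names find_hits and first_hit, and the assumption that the query string is logged percent-encoded are all constructed for illustration.

```python
from urllib.parse import unquote_plus

# Constructed sample in IIS W3C extended format; not taken from a real server.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2008-04-20 09:15:02 GET /default.asp - 192.0.2.10 200
2008-04-21 03:12:44 GET /news.asp id=7;c%41st(CONSTRUCTED_PLACEHOLDER) 192.0.2.55 200
2008-04-21 03:12:45 GET /news.asp id=8 192.0.2.56 200
2008-04-22 11:40:09 GET /item.asp cat=2;CAST(CONSTRUCTED_PLACEHOLDER) 192.0.2.77 500
"""


def find_hits(log_text, needle="CAST"):
    """Return (date, time, stem, decoded_query) for each request whose
    URL-decoded query string contains needle, ignoring case."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            # Column order varies per server, so read it from the directive.
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or not fields:
            continue
        parts = line.split(" ")
        if len(parts) != len(fields):
            continue  # truncated or malformed entry
        row = dict(zip(fields, parts))
        query = unquote_plus(row.get("cs-uri-query", "-"))
        if needle.lower() in query.lower():
            hits.append((row.get("date", "-"), row.get("time", "-"),
                         row.get("cs-uri-stem", "-"), query))
    return hits


def first_hit(log_text, needle="CAST"):
    """Earliest matching request, or None if the log has no match."""
    hits = find_hits(log_text, needle)
    return min(hits, key=lambda h: (h[0], h[1])) if hits else None


if __name__ == "__main__":
    for hit in find_hits(SAMPLE_LOG):
        print(",".join(hit))
    print("first hit:", first_hit(SAMPLE_LOG))
```

Pass needle="1.js" to mirror the second query; against the constructed sample it returns no rows.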
Hope this helps,
Steve Schofield
Microsoft MVP – IIS