What kind of situation marks the site was hacked?

　　When the site was hacked, the administrator should urgently do what work? Of course, the invasion is to find the entrance as quickly as possible to find out which place is utilized, and thus guard against. How to check your site is not being compromised?
　　IIS7 website monitoring
　　test whether the site was hijacked, DNS pollution detection, invasion and other information.
　　The site will leave any traces after the invasion?
　　The system logs, firewall logs, database logs, and other similar logs, as well as a gateway to access records and the like.
　　In which the most dangerous invaders record contains the IP address and other relevant information, so a qualified hacker must be able to disguise your IP address.
　　Mainly various log files.
　　There is a variety of shel used in the invasion.
　　Whether it is intentional or retreat did not stay clean.
　　They are evidence for web sites, check the log to be able to detect intrusion, so for site security personnel have the right to check the system log.