Hello, all. I'm looking for input re: vulnerabilities on an NT4/Proxy 2.0 sp1, IIS 3.0 box hosting a small website. The box is locked down pretty tight (all SP's and hotfixs applied, IP filtering is tight, icmp blocked, no telnet, no ftp, user accounts are good 2 go, NTFS permissions are tight, current anti-virus in place, etc.) How would you go about trying to hack this box? Browser based attacks? DoS/buffer overflows? I'm interested in the full range of options... It's locked down pretty tight ( I can't hack it... yet ) but, as we all know, nothing's airtight on the internet...

P.S. I haven't been around here long, but I really am impressed by this community. I want to thank those of you who take your time to post thoughtful and intelligent posts (you know who you are) and, in particular, Mr. Vranesivich, for starting this up. It's one thing to analyze a piece of technology or read a book or tutorial, but, by and large, there's nothing quite like interaction and collaboration with other like-minded people for increasing knowledge and skill. Thank you all.