Checking Your Server Logs
Earlier, internet storm center received a report from an admin who, looking through his webserver logs, was able to identify a compromised system that had been used as a "toolz" dump. This highlights again, the importance of regularly examining your web server logs for signs of malicious activity and following up on what you find there. Thanks to this admin's efforts, the owners of the compromised system were contacted and the dump was taken offline.
If you're not regularly checking your webserver logs, or if you're not sure what to look for, here is an excellent guide that explains not only what to look for, but also explains why it's important.