We have found out that an old ASP site I have started looking after has been hacked.
1) link to a security check list
2) Free / recommended security tools
3) Put me in touch with a hacker / asp security expert to do an audit.
Any other advice?