IIS Security Tool?

Hi all. I have a quick question. I don’t know if this person was just talking BS or not..but I was on a usenet the other day (I asked for information on the usenet group but no one has helped yet) where someone mentioned a software utility that you run on an IIS web server and it will test its security and they report its readiness to you.

Is this a made up tool? If not what’s it called and where can I get it – I’m interested in using it.

Thanks.

Besides the tool, is there a document anywhere that has a checklist of security items for IIS servers?