Microsoft Internet Security and Acceleration Server 2000

Signal the Event

This topic shows the signaling of the event. The variable 'AdditionalKey' is the index into the additional-keys table, and holds the value of 2, signifying that this event is "DNS Length Overflow". The following code assumes that the "DNS Length Overflow" event occurred.

Note  SignalEvent will usually be called from C++ code. VBScript, as in the example below, is likely to be used for testing purposes.


Sub SignalEvent()
	Set AlertNotification = CreateObject("FPC.AlertNotification.1")
	Dim SysLogEventStrings(1)
	EventGUID = "{DF2D1202-929C-11d2-872C-00A02453BDDE}"
	ServerName = Empty   'Meaning current machine
	AdditionalKey = 2	'Index in AdditionalKeys table specifying that "DNS Length Overflow" attack occurred.
	' This parameter contains data needed for system log reporting
	SysLogEventType = 0
	SysLogEventCategory = 2
	SysLogEventSourceName = "ISS Filter"
	SysLogEventID = &H80000006
	'Assume that &h80000006 is ID of resource string such as: "DNS attack of type '%1' detected"
	SysLogEventStrings(0) = "DNS Length Overflow"  ' Will be substituted in the string above
   SysLogEventData = ContentOfPacket
   AlertNotification.SignalEvent EventGUID, ServerName, AdditionalKey, _
   "DNS attack detected", "ISS Filter detected a DNS attack", _
   SysLogEventID, SysLogEventSourceName, SysLogEventStrings, SysLogEventData, _
   SysLogEventCategory, SysLogEventType
End Sub ' SignalEvent

See Also