| Microsoft Internet Security and Acceleration Server 2000 |
This topic shows the signaling of the event. The variable 'AdditionalKey' is the index into the additional-keys table, and holds the value of 2, signifying that this event is "DNS Length Overflow". The following code assumes that the "DNS Length Overflow" event occurred.
Note SignalEvent will usually be called from C++ code. VBScript, as in the example below, is likely to be used for testing purposes.
Sub SignalEvent()
Set AlertNotification = CreateObject("FPC.AlertNotification.1")
Dim SysLogEventStrings(1)
EventGUID = "{DF2D1202-929C-11d2-872C-00A02453BDDE}"
ServerName = Empty 'Meaning current machine
AdditionalKey = 2 'Index in AdditionalKeys table specifying that "DNS Length Overflow" attack occurred.
' This parameter contains data needed for system log reporting
SysLogEventType = 0
SysLogEventCategory = 2
SysLogEventSourceName = "ISS Filter"
SysLogEventID = &H80000006
'Assume that &h80000006 is ID of resource string such as: "DNS attack of type '%1' detected"
SysLogEventStrings(0) = "DNS Length Overflow" ' Will be substituted in the string above
SysLogEventData = ContentOfPacket
AlertNotification.SignalEvent EventGUID, ServerName, AdditionalKey, _
"DNS attack detected", "ISS Filter detected a DNS attack", _
SysLogEventID, SysLogEventSourceName, SysLogEventStrings, SysLogEventData, _
SysLogEventCategory, SysLogEventType
End Sub ' SignalEvent