Snort mailing list archives
Re: Snort Event Ids on win2000
From: "Michael A. Davis" <mike () datanerds net>
Date: Wed, 28 May 2003 13:50:05 -0500
You don't actually need a separate message DLL. You can just include the .mc file into the exe itself and point the Registry key to the EXE. My original 1.7 port of snort that contained service code did this. Michael Davis Chief Technical Officer DataNerds http://www.datanerds.com ----- Original Message ----- From: "Chris Reid" <Chris.Reid () CodeCraftConsultants com> To: "Michael Steele" <michaels () winsnort com>; "'Joe Kinsella'" <jkinsella () silverbacktech com> Cc: <snort-users () lists sourceforge net> Sent: Wednesday, May 28, 2003 11:26 AM Subject: Re: [Snort-users] Snort Event Ids on win2000
As others have correctly stated, the cause of this warning is because no message DLL is associated/registered with the event source. Yes, I was aware of this behaviour. I just haven't yet had an opportunity to build
the
DLL and incorporate it into the existing snort source code. There seem to be enough comments about this behaviour that I'll make this task a higher priority. Chris Reid ----- Original Message ----- From: "Michael Steele" To: "'Joe Kinsella'" Cc: <snort-users () lists sourceforge net> Sent: Wednesday, May 28, 2003 10:03 AM Subject: RE: [Snort-users] Snort Event Ids on win2000 Joe, I'm not sure if it's a bug, but it's pretty minor if it is. How about it Chris, can this be fixed. I know I have seen several messages in regards
to
this particular logging quirk. Cheers... -Michael Steele -- System Engineer / Security Support Technician mailto:michaels () winsnort com Website: http://www.winsnort.com Snort: Open Source Network IDS - http://www.snort.org -----Original Message----- From: Joe Kinsella [mailto:jkinsella () silverbacktech com] Sent: Wednesday, May 28, 2003 8:53 AM To: 'Michael Steele' Cc: snort-users () lists sourceforge net Subject: RE: [Snort-users] Snort Event Ids on win2000 But the reason the event message is not formatted is because there is no message resource DLL registered for the SnortService event source. It wouldn't take much to fix this (just use the message compiler & change the install to add this to the registry). Is this not considered a bug? Joe ------------------------------------------------------- This SF.net email is sponsored by: ObjectStore. If flattening out C++ or Java code to make your application fit in a relational database is painful, don't do it! Check out ObjectStore. Now part of Progress Software. http://www.objectstore.net/sourceforge _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This SF.net email is sponsored by: ObjectStore. If flattening out C++ or Java code to make your application fit in a relational database is painful, don't do it! Check out ObjectStore. Now part of Progress Software. http://www.objectstore.net/sourceforge _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Snort Event Ids on win2000 Joe Kinsella (May 28)
- RE: Snort Event Ids on win2000 Michael Steele (May 28)
- <Possible follow-ups>
- RE: Snort Event Ids on win2000 Joe Kinsella (May 28)
- RE: Snort Event Ids on win2000 Michael Steele (May 28)
- Re: Snort Event Ids on win2000 Chris Reid (May 28)
- Re: Snort Event Ids on win2000 Michael A. Davis (May 28)
- RE: Snort Event Ids on win2000 Michael Steele (May 28)