RE: [logs] RE: NT Event Log and Web Server Attacks

• Previous message: Eric Fitzgerald: "RE: [logs] RE: NT Event Log and Web Server Attacks"
• Maybe in reply to: Rainer Gerhards: "[logs] RE: NT Event Log and Web Server Attacks"
• Next in thread: Eric Fitzgerald: "RE: [logs] RE: NT Event Log and Web Server Attacks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Eric,

Is the new stuff already available in some beta or preview of Windows
Server 2003?

Rainer Gerhards
Adiscon

> -----Original Message-----
> From: Eric Fitzgerald [mailto:ericfat_private] 
> Sent: Monday, January 20, 2003 8:18 PM
> To: Frank O'Dwyer; Paul D. Robertson
> Cc: H C; Rainer Gerhards; loganalysisat_private; Tina 
> Bird; Marcus J. Ranum; Ben Laurie
> Subject: RE: [logs] RE: NT Event Log and Web Server Attacks
> 
> 
> Hi Frank,
> 
> Current event log APIs will continue to work, is what I am 
> told, but will be wrappers around the new API set. The 
> on-disk log format will be different.
> 
> Eric
> 
> -----Original Message-----
> From: Frank O'Dwyer [mailto:fodat_private] 
> Sent: Monday, January 20, 2003 11:07 AM
> To: Eric Fitzgerald; Paul D. Robertson
> Cc: H C; Rainer Gerhards; loganalysisat_private; Tina 
> Bird; Marcus J. Ranum; Ben Laurie
> Subject: RE: [logs] RE: NT Event Log and Web Server Attacks
> 
> 
> How about stuff like OpenEventLog, ReadEventLog, 
> EVENTLOGRECORD - will these continue to work, and/or have new 
> equivalents?
> 
> Cheers,
> Frank
> 
> > -----Original Message-----
> > From: Eric Fitzgerald [mailto:ericfat_private]
> > Sent: 20 January 2003 19:00
> > To: Frank O'Dwyer; Paul D. Robertson
> > Cc: H C; Rainer Gerhards; loganalysisat_private; Tina Bird;
> > Marcus J. Ranum; Ben Laurie
> > Subject: RE: [logs] RE: NT Event Log and Web Server Attacks
> >
> >
> > The new service will be 100% backwards compatible with the existing
> > Event Log service APIs, and some of the capabilities of the new 
> > service will be available even to apps that use legacy 
> eventing APIs, 
> > but you'll have to change API calls to take full advantage 
> of all the 
> > features of the new service.
> >
> > Eric
> >
> > -----Original Message-----
> > From: Frank O'Dwyer [mailto:fodat_private]
> > Sent: Monday, January 20, 2003 10:56 AM
> > To: Eric Fitzgerald; Paul D. Robertson
> > Cc: H C; Rainer Gerhards; loganalysisat_private; Tina Bird;
> > Marcus J. Ranum; Ben Laurie
> > Subject: RE: [logs] RE: NT Event Log and Web Server Attacks
> >
> >
> > > We have something up our sleeve but I don't want to over-promise &
> > > under-deliver.  Look for a significant audit collection 
> and analysis
> 
> > > tool from us this summer, and a completely replaced event log
> > > service with some really neat analysis capabilities in the next 
> > > version of Windows.
> >
> > What will this mean to users of the current APIs?
> >
> > Both analysers and ordinary programs doing logging?
> >
> > Cheers,
> > Frank
> >
> >
> >
> 
> 
_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Next message: Paul D. Robertson: "RE: [logs] RE: NT Event Log and Web Server Attacks"
• Previous message: Eric Fitzgerald: "RE: [logs] RE: NT Event Log and Web Server Attacks"
• Maybe in reply to: Rainer Gerhards: "[logs] RE: NT Event Log and Web Server Attacks"
• Next in thread: Eric Fitzgerald: "RE: [logs] RE: NT Event Log and Web Server Attacks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jan 20 2003 - 14:03:51 PST