IFPCAttackDetection::IPHalfScanDetectionEnabled property

  • Article

Applies to: desktop apps only

The IPHalfScanDetectionEnabled property gets or sets a Boolean value that indicates whether Forefront TMG will generate an event when an IP half-scan attack is detected.

An IP half-scan attack, or a stealth attack, is one in which the source computer sends a TCP packet with a flag that does follow the expected sequence, instead of an ACK packet, when a connection is completed so that the connection will not be logged and the source computer can continue to scan ports on the targeted computer without generating log entries.

This property is read/write.

Syntax

HRESULT put_IPHalfScanDetectionEnabled(
  VARIANT_BOOL fIPHalfScanDetectionEnabled
);

HRESULT get_IPHalfScanDetectionEnabled(
  VARIANT_BOOL *pfIPHalfScanDetectionEnabled
);

' Data type: Boolean

Property IPHalfScanDetectionEnabled( _
  ByVal fIPHalfScanDetectionEnabled As VARIANT_BOOL, _
  ByVal pfIPHalfScanDetectionEnabled As VARIANT_BOOL _
) As Boolean

Property value

Boolean value that indicates whether Forefront TMG will generate an event when an IP half-scan attack is detected.

Error codes

These property methods return S_OK if the call is successful; otherwise, they return an error code.

Remarks

This property is read/write. Its value is set to True (VARIANT_TRUE in C++) during Forefront TMG setup.

IP half-scan attacks can be detected only if the IntrusionDetectionEnabled property is set to True (VARIANT_TRUE in C++).

Requirements

Minimum supported client

 Windows Vista

Minimum supported server

 Windows Server 2008 R2, Windows Server 2008 with SP2 (64-bit only)

Version

 Forefront Threat Management Gateway (TMG) 2010

IDL

 Msfpccom.idl

DLL

 Msfpccom.dll

See also

FPCAttackDetection

 

 

Build date: 7/12/2010