IFPCAttackDetection::IPHalfScanDetectionEnabled property
Applies to: desktop apps only
The IPHalfScanDetectionEnabled property gets or sets a Boolean value that indicates whether Forefront TMG will generate an event when an IP half-scan attack is detected.
An IP half-scan attack, or a stealth attack, is one in which the source computer sends a TCP packet with a flag that does follow the expected sequence, instead of an ACK packet, when a connection is completed so that the connection will not be logged and the source computer can continue to scan ports on the targeted computer without generating log entries.
This property is read/write.
Syntax
HRESULT put_IPHalfScanDetectionEnabled(
VARIANT_BOOL fIPHalfScanDetectionEnabled
);
HRESULT get_IPHalfScanDetectionEnabled(
VARIANT_BOOL *pfIPHalfScanDetectionEnabled
);
' Data type: Boolean
Property IPHalfScanDetectionEnabled( _
ByVal fIPHalfScanDetectionEnabled As VARIANT_BOOL, _
ByVal pfIPHalfScanDetectionEnabled As VARIANT_BOOL _
) As Boolean
Property value
Boolean value that indicates whether Forefront TMG will generate an event when an IP half-scan attack is detected.
Error codes
These property methods return S_OK if the call is successful; otherwise, they return an error code.
Remarks
This property is read/write. Its value is set to True (VARIANT_TRUE in C++) during Forefront TMG setup.
IP half-scan attacks can be detected only if the IntrusionDetectionEnabled property is set to True (VARIANT_TRUE in C++).
Requirements
Minimum supported client |
Windows Vista |
Minimum supported server |
Windows Server 2008 R2, Windows Server 2008 with SP2 (64-bit only) |
Version |
Forefront Threat Management Gateway (TMG) 2010 |
IDL |
Msfpccom.idl |
DLL |
Msfpccom.dll |
See also
Build date: 7/12/2010