The IPHalfScanDetectionEnabled property gets or sets a Boolean value that indicates whether Forefront TMG will generate an event when an IP half-scan attack is detected.
An IP half-scan attack, or a stealth attack, is one in which the source computer sends a TCP packet with a flag that does follow the expected sequence, instead of an ACK packet, when a connection is completed so that the connection will not be logged and the source computer can continue to scan ports on the targeted computer without generating log entries.
HRESULT put_IPHalfScanDetectionEnabled( VARIANT_BOOL fIPHalfScanDetectionEnabled ); HRESULT get_IPHalfScanDetectionEnabled( VARIANT_BOOL* pfIPHalfScanDetectionEnabled );
Pointer to a Boolean value that is set on return to VARIANT_TRUE if Forefront TMG will generate an event when an IP half-scan attack is detected, or to VARIANT_FALSE if Forefront TMG will not generate an event when an IP half-scan attack is detected.
Boolean value that indicates whether Forefront TMG will generate an event when an IP half-scan attack is detected.
These property methods return S_OK if the call is successful; otherwise, they return an error code.
Property IPHalfScanDetectionEnabled As Boolean
Boolean value that indicates whether Forefront TMG will generate an event when an IP half-scan attack is detected.
This property is read/write. Its value is set to True (VARIANT_TRUE in C++) during Forefront TMG setup.
IP half-scan attacks can be detected only if the IntrusionDetectionEnabled property is set to True (VARIANT_TRUE in C++).
| Client | Requires Windows Vista or Windows XP. |
|---|---|
| Server | Requires Windows Server 2008. |
| Version | Requires Forefront Threat Management Gateway (TMG). |
| IDL |
Declared in Msfpccom.idl. |
| DLL |
Requires Msfpccom.dll. |
Send comments about this topic to Microsoft
Build date: 11/30/2009
© 2008 Microsoft Corporation. All rights reserved.