HM2-DOS-MITIGATION-MIB
File:
HM2-DOS-MITIGATION-MIB.mib (13324 bytes)
Imported modules
Imported symbols
Defined Types
DosFeatureValue |
|
Type of feature support:
- hw(1): Supported in Hardware
- sw(2): Supported in Software
- noSup(3): Not implemented (no support) |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
hw(1), sw(2), noSup(3) |
|
Hm2DosMitigationLimiterRuleEntry |
|
SEQUENCE |
|
|
|
|
hm2DosMitigationLimiterInterface |
InterfaceIndex |
|
|
hm2DosMitigationLimiterTcpSynLimit |
Unsigned32 |
|
|
hm2DosMitigationLimiterArpLimit |
Unsigned32 |
|
|
hm2DosMitigationLimiterRowStatus |
RowStatus |
|
Defined Values
hm2DosMitigationMib |
1.3.6.1.4.1.248.11.82 |
Hirschmann Denial of Service MIB
Copyright (C) 2012. All Rights Reserved. |
MODULE-IDENTITY |
|
|
|
hm2DosMitigationTcpNullScan |
1.3.6.1.4.1.248.11.82.1.1.1.1 |
When enabled, TCP Null scans (TCP flags and sequence number
set to 0) are filtered by the device. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
HmEnabledStatus |
|
|
hm2DosMitigationTcpXmasScan |
1.3.6.1.4.1.248.11.82.1.1.1.4 |
When enabled TCP Xmas scans (TCP flags FIN,
URG and PSH all set to 1 and a TCP sequence
number = 0) are filtered by the device. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
HmEnabledStatus |
|
|
hm2DosMitigationLandAttack |
1.3.6.1.4.1.248.11.82.1.1.1.13 |
When enabled all IP frames are checked for equality of
src and dst IP address (known as land attack). Packets that
contain such a combination are silently discarded when
enabled. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
HmEnabledStatus |
|
|
hm2DosMitigationTcpOffsetEqu1 |
1.3.6.1.4.1.248.11.82.1.1.1.14 |
Enable/Disable TCP offset DoS protection. All packets
ingress having a TCP header offset equal to 1 are dropped. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
HmEnabledStatus |
|
|
hm2DosMitigationTcpPrivilegedSrcPort |
1.3.6.1.4.1.248.11.82.1.1.1.15 |
Enable/Disable TCP SYN and L4 source port smaller than 1024
DoS protection. All packets ingress having the TCP SYN flag set
and a L4 source port from 0 to 1023 are dropped. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
HmEnabledStatus |
|
|
hm2DosMitigationTcpSrcDstPortEqu |
1.3.6.1.4.1.248.11.82.1.1.1.16 |
Enable/Disable L4 source port equals L4 destination port
DoS protection. All TCP or UDP packets ingress having the
L4 source port equal to L4 destination port are dropped. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
HmEnabledStatus |
|
|
hm2DosMitigationIcmpPacketSize |
1.3.6.1.4.1.248.11.82.1.1.2.4 |
Specifies the max. allowed payload size of ICMP packets.
Packets having bigger payload are filtered by the device
if the hm2DosMitigationIcmpPacketSizeMode is enabled. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
0..1472 |
|
hm2DosMitigationIcmpPacketSizeMode |
1.3.6.1.4.1.248.11.82.1.1.2.5 |
When enabled all ICMP ingress packets having the
payload bigger than hm2DosMitigationIcmpPacketSize
are filtered by device. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
HmEnabledStatus |
|
|
hm2DosMitigationIcmpSmurfAttack |
1.3.6.1.4.1.248.11.82.1.1.2.6 |
When enabled, all ingress ICMP packets having
the type set to ECHO_REQ (ping) and a broadcast
destination IP are dropped. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
HmEnabledStatus |
|
|
hm2DosMitigationSMacDMac |
1.3.6.1.4.1.248.11.82.1.1.3.7 |
Enable/Disable source MAC address equals destination
MAC address DoS protection. All packets ingress having
SMAC equals DMAC are dropped. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
HmEnabledStatus |
|
|
hm2DosMitigationLimiterRuleEntry |
1.3.6.1.4.1.248.11.82.1.2.2.1.1 |
TCP Syn Interface entry. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Hm2DosMitigationLimiterRuleEntry |
|
|
hm2DosMitigationLimiterTcpSynLimit |
1.3.6.1.4.1.248.11.82.1.2.2.1.1.2 |
The number of allowed outgoing TCP syn packets per second
per interface.
A value of 0 disables the limiter for this interface. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
hm2DosMitigationLimiterArpLimit |
1.3.6.1.4.1.248.11.82.1.2.2.1.1.3 |
The number of allowed outgoing ARP packets per second per
interface.
A value of 0 disables the limiter for this interface. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
hm2DosMitigationCompliance |
1.3.6.1.4.1.248.11.82.2.1.1 |
The compliance statement for an SNMP entity which
implements the Hirschmann DOS Mitigation MIB. |
Status: current |
Access: read-create |
MODULE-COMPLIANCE |
|
|
|
hm2DosMitigationGeneralGroup |
1.3.6.1.4.1.248.11.82.2.2.1 |
A collection of all Hirschmann objects provided by the DoS Mitigation
module. |
Status: current |
Access: read-create |
OBJECT-GROUP |
|
|
|