RADLAN-SECURITY-SUITE

File: RADLAN-SECURITY-SUITE.mib (20603 bytes)

Imported modules

SNMPv2-SMI IF-MIB SNMPv2-TC
RADLAN-MIB Q-BRIDGE-MIB

Imported symbols

MODULE-IDENTITY OBJECT-TYPE Counter32
Gauge32 Unsigned32 IpAddress
TimeTicks InterfaceIndexOrZero InterfaceIndex
ifIndex TEXTUAL-CONVENTION TruthValue
RowStatus RowPointer DisplayString
Percents rnd PortList

Defined Types

RlsecuritySuiteGlobalEnableType  
Specifies the operating modes of the security-suite
TEXTUAL-CONVENTION    
  INTEGER enable-global-rules-only(1), enable-all-rules-types(2), disable(3)  

RlSecuritySuiteKnownDosAttackType  
Specifies well-known DoS attack
TEXTUAL-CONVENTION    
  INTEGER stacheldraht(1), invasor-Trojan(2), back-orifice-Trojan(3)  

RlSecuritySuiteKnownDosAttackProtocolType  
Specifies protocol type of the well-known DoS attack
TEXTUAL-CONVENTION    
  INTEGER tcp(1), upd(2)  

RlSecuritySuiteAllMartianEntryType  
Specifies Martian-address origin: pre-defined (reserved) or statically configured
TEXTUAL-CONVENTION    
  INTEGER reserved(1), static(2)  

RlSecuritySuiteDenyAttackType  
Specifies the deny attack types
TEXTUAL-CONVENTION    
  INTEGER syn(1), icmp-echo-request(2), fragmented(3)  

RlSecuritySuiteDenySynFinTcp  
Specifies whether TCP packets with both SYN and FIN flags enabled are dropped
TEXTUAL-CONVENTION    
  INTEGER deny(1), permit(2)  

RlSecuritySuiteSynProtectionMode  
Specifies the TCP SYN attack protection mode.
TEXTUAL-CONVENTION    
  INTEGER disabled(1), report(2), block(3)  

RlSecuritySuiteSynProtectionPortMode  
Specifies the TCP SYN attack protection mode.
TEXTUAL-CONVENTION    
  INTEGER normal(1), attacked(2), blocked(3)  

RlSecuritySuiteKnownDoSAttacksEntry  
SEQUENCE    
  rlSecuritySuiteKnownDoSAttack RlSecuritySuiteKnownDosAttackType
  rlSecuritySuiteKnownDoSAttackEnable TruthValue

RlSecuritySuiteKnownDoSAttacksDetailsEntry  
SEQUENCE    
  rlSecuritySuiteKnownDoSAttackProtocl RlSecuritySuiteKnownDosAttackProtocolType
  rlSecuritySuiteKnownDoSAttackSrcTcpUdpPort INTEGER
  rlSecuritySuiteKnownDoSAttackDestTcpUdpPort INTEGER

RlSecuritySuiteMartianAddrAllEntry  
SEQUENCE    
  rlSecuritySuiteMartianAddr IpAddress
  rlSecuritySuiteMartianAddrNetMask IpAddress
  rlSecuritySuiteAllMartianEntryType RlSecuritySuiteAllMartianEntryType

RlDoSAttackMartianAddrEntry  
SEQUENCE    
  rlSecuritySuiteMartianAddrStatus RowStatus

RlSecuritySuiteDoSSynAttackEntry  
SEQUENCE    
  rlSecuritySuiteDoSSynAttackIfIndex InterfaceIndex
  rlSecuritySuiteDoSSynAttackAddr IpAddress
  rlSecuritySuiteDoSSynAttackNetMask IpAddress
  rlSecuritySuiteDoSSynAttackSynRate INTEGER
  rlSecuritySuiteDoSSynAttackStatus RowStatus

RlSecuritySuiteDenyTypesEntry  
SEQUENCE    
  rlSecuritySuiteDenyIfIndex InterfaceIndex
  rlSecuritySuiteDenyAttackType RlSecuritySuiteDenyAttackType
  rlSecuritySuiteDenyDestAddr IpAddress
  rlSecuritySuiteDenyNetMask IpAddress
  rlSecuritySuiteDenyDestPort INTEGER
  rlSecuritySuiteDenyStatus RowStatus

RlSecuritySuiteSynProtectionPortEntry  
SEQUENCE    
  rlSecuritySuiteSynProtectionPortMode RlSecuritySuiteSynProtectionPortMode
  rlSecuritySuiteSynProtectionPortModeLastTimeAttack RlSecuritySuiteSynProtectionPortMode
  rlSecuritySuiteSynProtectionPortLastTimeAttack DisplayString

Defined Values

rlSecuritySuiteMib 1.3.6.1.4.1.89.120
The private MIB module definition for blocking attacks such as DoS (Denial of Service), SYN and well-known virus attacks in Radlan devices.
MODULE-IDENTITY    

rlSecuritySuiteGlobalEnable 1.3.6.1.4.1.89.120.1
This scalar globally enables/disables the DoS attack Suite.
Status: current Access: read-write
OBJECT-TYPE    
  RlsecuritySuiteGlobalEnableType  

rlSecuritySuiteKnownDoSAttacksTable 1.3.6.1.4.1.89.120.2
This table enables/disables well-known DoS attacks, applied globally to all ifIndexes.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    RlSecuritySuiteKnownDoSAttacksEntry

rlSecuritySuiteKnownDoSAttacksEntry 1.3.6.1.4.1.89.120.2.1
Each entry in this table describes one well-known DoS attack address.
Status: current Access: not-accessible
OBJECT-TYPE    
  RlSecuritySuiteKnownDoSAttacksEntry  

rlSecuritySuiteKnownDoSAttack 1.3.6.1.4.1.89.120.2.1.1
A well-known DoS attack to enable
Status: current Access: not-accessible
OBJECT-TYPE    
  RlSecuritySuiteKnownDosAttackType  

rlSecuritySuiteKnownDoSAttackEnable 1.3.6.1.4.1.89.120.2.1.2
Enable/Disable a well-known DoS attack
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

rlSecuritySuiteKnownDoSAttacksDetailsTable 1.3.6.1.4.1.89.120.3
This read-only table is used to present the detailed attributes of each well-known DoS attack. Used for presentation purposes only.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    RlSecuritySuiteKnownDoSAttacksDetailsEntry

rlSecuritySuiteKnownDoSAttacksDetailsEntry 1.3.6.1.4.1.89.120.3.1
Each entry in this table describes one well-known DoS attack address.
Status: current Access: not-accessible
OBJECT-TYPE    
  RlSecuritySuiteKnownDoSAttacksDetailsEntry  

rlSecuritySuiteKnownDoSAttackProtocl 1.3.6.1.4.1.89.120.3.1.1
Specifies the protocol type of the relevant well-known attack
Status: current Access: read-only
OBJECT-TYPE    
  RlSecuritySuiteKnownDosAttackProtocolType  

rlSecuritySuiteKnownDoSAttackSrcTcpUdpPort 1.3.6.1.4.1.89.120.3.1.2
Specifies the source tcp/udp port of the relevant well-known attack
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER  

rlSecuritySuiteKnownDoSAttackDestTcpUdpPort 1.3.6.1.4.1.89.120.3.1.3
Specifies the destination tcp/udp port of the relevant well-known attack
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER  

rlSecuritySuiteReservedMartianAddresses 1.3.6.1.4.1.89.120.4
This scalar globally enables/disables discarding of the IP well-known addresses described below:

| Address block | Present use |
|---------------|-------------|
| 0.0.0.0/8 (except 0.0.0.0/32 as source address) | Addresses in this block refer to source hosts on 'this' network. |
| 127.0.0.0/8 | This block is assigned for use as the Internet host loop-back address. |
| 192.0.2.0/24 | This block is assigned as 'TEST-NET' for use in documentation and example code. |
| 224.0.0.0/4 as source. | This block, formerly known as the Class D address space, is allocated for use in IPv4 multicast address assignments. |
| 240.0.0.0/4 (except 255.255.255.255/32 as destination address) | This block, formerly known as the Class E address space, is reserved. |
Status: current Access: read-write
OBJECT-TYPE    
  TruthValue  

rlSecuritySuiteMartianAddrAllTable 1.3.6.1.4.1.89.120.5
This read-only table specifies all currently configured Martian addresses, both pre-defined (reserved) and user-configured (static).
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    RlSecuritySuiteMartianAddrAllEntry

rlSecuritySuiteMartianAddrAllEntry 1.3.6.1.4.1.89.120.5.1
Each entry in this table describes one Martian address; packets with this address as IP source or IP destination are discarded.
Status: current Access: not-accessible
OBJECT-TYPE    
  RlSecuritySuiteMartianAddrAllEntry  

rlSecuritySuiteMartianAddr 1.3.6.1.4.1.89.120.5.1.1
An IP address to discard all packets with that address as source or destination
Status: current Access: not-accessible
OBJECT-TYPE    
  IpAddress  

rlSecuritySuiteMartianAddrNetMask 1.3.6.1.4.1.89.120.5.1.2
Specifies the net mask that comprises the destination IP address prefix.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpAddress  

rlSecuritySuiteAllMartianEntryType 1.3.6.1.4.1.89.120.5.1.3
Specifies the entry origin: pre-defined (reserved) or statically configured.
Status: current Access: read-only
OBJECT-TYPE    
  RlSecuritySuiteAllMartianEntryType  

rlSecuritySuiteMartianAddrTable 1.3.6.1.4.1.89.120.6
This table specifies the Martian addresses: packets with these IP addresses as source or destination are discarded.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    RlDoSAttackMartianAddrEntry

rlSecuritySuiteMartianAddrEntry 1.3.6.1.4.1.89.120.6.1
Each entry in this table describes one Martian address; packets with this address as IP source or IP destination are discarded.
Status: current Access: not-accessible
OBJECT-TYPE    
  RlDoSAttackMartianAddrEntry  

rlSecuritySuiteMartianAddrStatus 1.3.6.1.4.1.89.120.6.1.1
The status of a table entry. It is used to add an entry to or delete an entry from this table.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

rlSecuritySuiteDoSSynAttackTable 1.3.6.1.4.1.89.120.7
This table contains the IP address and rate used to limit DoS SYN attacks from a specific IP address and interface(s).
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    RlSecuritySuiteDoSSynAttackEntry

rlSecuritySuiteDoSSynAttackEntry 1.3.6.1.4.1.89.120.7.1
Each entry in this table describes one Martian address; packets with this address as IP source or IP destination are discarded.
Status: current Access: not-accessible
OBJECT-TYPE    
  RlSecuritySuiteDoSSynAttackEntry  

rlSecuritySuiteDoSSynAttackIfIndex 1.3.6.1.4.1.89.120.7.1.1
Interface which the attack is applied on
Status: current Access: not-accessible
OBJECT-TYPE    
  InterfaceIndex  

rlSecuritySuiteDoSSynAttackAddr 1.3.6.1.4.1.89.120.7.1.2
An IP address to discard all packets with that address as destination
Status: current Access: not-accessible
OBJECT-TYPE    
  IpAddress  

rlSecuritySuiteDoSSynAttackNetMask 1.3.6.1.4.1.89.120.7.1.3
Relevant when rlSecuritySuiteSynAttackRangeType equals prefix(2). Specify the number of bits that comprise the destination IP address prefix.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpAddress  

rlSecuritySuiteDoSSynAttackSynRate 1.3.6.1.4.1.89.120.7.1.4
Specify the maximum connections per second allowed from this IP address and rlSecuritySuiteSynAttackPortList
Status: current Access: read-create
OBJECT-TYPE    
  INTEGER  

rlSecuritySuiteDoSSynAttackStatus 1.3.6.1.4.1.89.120.7.1.6
The status of a table entry. It is used to add an entry to or delete an entry from this table.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

rlSecuritySuiteDenyTypesTable 1.3.6.1.4.1.89.120.8
This table specifies the IP addresses and TCP ports from which TCP SYN packets on specific interfaces are dropped.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    RlSecuritySuiteDenyTypesEntry

rlSecuritySuiteDenyTypesEntry 1.3.6.1.4.1.89.120.8.1
Each entry in this table describes one IP address, TCP port and list of ifIndexes; packets with these attributes are discarded.
Status: current Access: not-accessible
OBJECT-TYPE    
  RlSecuritySuiteDenyTypesEntry  

rlSecuritySuiteDenyIfIndex 1.3.6.1.4.1.89.120.8.1.1
Interface which the attack is applied on
Status: current Access: not-accessible
OBJECT-TYPE    
  InterfaceIndex  

rlSecuritySuiteDenyAttackType 1.3.6.1.4.1.89.120.8.1.2
The specific deny attack type
Status: current Access: not-accessible
OBJECT-TYPE    
  RlSecuritySuiteDenyAttackType  

rlSecuritySuiteDenyDestAddr 1.3.6.1.4.1.89.120.8.1.3
An IP address to discard all packets with that address as destination
Status: current Access: not-accessible
OBJECT-TYPE    
  IpAddress  

rlSecuritySuiteDenyNetMask 1.3.6.1.4.1.89.120.8.1.4
Relevant when rlSecuritySuiteDenyTCPRangeType equals mask(1). Specify the number of bits that comprise the destination IP address prefix.
Status: current Access: not-accessible
OBJECT-TYPE    
  IpAddress  

rlSecuritySuiteDenyDestPort 1.3.6.1.4.1.89.120.8.1.5
Destination TCP port. Use 65553 to specify all ports. This key field is relevant only in specific attack types (not all). Use 0 when not relevant.
Status: current Access: not-accessible
OBJECT-TYPE    
  INTEGER  

rlSecuritySuiteDenyStatus 1.3.6.1.4.1.89.120.8.1.6
The status of a table entry. It is used to add an entry to or delete an entry from this table.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

rlSecuritySuiteDenySynFinTcp 1.3.6.1.4.1.89.120.9
This scalar globally enables or disables dropping of TCP packets with both SYN and FIN flags enabled.
Status: current Access: read-write
OBJECT-TYPE    
  RlSecuritySuiteDenySynFinTcp  

rlSecuritySuiteSynProtectionMode 1.3.6.1.4.1.89.120.10
This scalar globally sets the protection mode on TCP SYN traffic. Disabled: the system doesn't support protection against TCP SYN attack. Report: the system doesn't support protection against TCP SYN attack, but reports about it. Block: the system supports protection against TCP SYN attack by blocking this traffic on the port.
Status: current Access: read-write
OBJECT-TYPE    
  RlSecuritySuiteSynProtectionMode  

rlSecuritySuiteSynProtectionTreshold 1.3.6.1.4.1.89.120.11
This scalar globally sets the protection mode threshold value, in packets per second, on TCP SYN traffic.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER  

rlSecuritySuiteSynProtectionRecoveryTimeout 1.3.6.1.4.1.89.120.12
This scalar globally sets the protection recovery timeout in seconds.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER  

rlSecuritySuiteSynProtectionPortTable 1.3.6.1.4.1.89.120.13
This table keeps SYN protection status per port.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    RlSecuritySuiteSynProtectionPortEntry

rlSecuritySuiteSynProtectionPortEntry 1.3.6.1.4.1.89.120.13.1
Each entry in this table describes TCP SYN protection status for one port.
Status: current Access: not-accessible
OBJECT-TYPE    
  RlSecuritySuiteSynProtectionPortEntry  

rlSecuritySuiteSynProtectionPortMode 1.3.6.1.4.1.89.120.13.1.1
The port's TCP SYN protection mode.
Status: current Access: read-only
OBJECT-TYPE    
  RlSecuritySuiteSynProtectionPortMode  

rlSecuritySuiteSynProtectionPortModeLastTimeAttack 1.3.6.1.4.1.89.120.13.1.2
The port's TCP SYN protection last attack time mode.
Status: current Access: read-only
OBJECT-TYPE    
  RlSecuritySuiteSynProtectionPortMode  

rlSecuritySuiteSynProtectionPortLastTimeAttack 1.3.6.1.4.1.89.120.13.1.3
The port's TCP SYN protection last attack time.
Status: current Access: read-only
OBJECT-TYPE    
  DisplayString