RADLAN-SECURITY-SUITE
File:
RADLAN-SECURITY-SUITE.mib (20603 bytes)
Imported modules
Imported symbols
Defined Types
RlsecuritySuiteGlobalEnableType |
|
Specifies the operating modes of the security-suite |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
enable-global-rules-only(1), enable-all-rules-types(2), disable(3) |
|
RlSecuritySuiteAllMartianEntryType |
|
Specifies Martian-address origin: pre-defined (reserved) or statically configured |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
reserved(1), static(2) |
|
RlSecuritySuiteKnownDoSAttacksDetailsEntry |
|
SEQUENCE |
|
|
|
|
rlSecuritySuiteKnownDoSAttackProtocl |
RlSecuritySuiteKnownDosAttackProtocolType |
|
|
rlSecuritySuiteKnownDoSAttackSrcTcpUdpPort |
INTEGER |
|
|
rlSecuritySuiteKnownDoSAttackDestTcpUdpPort |
INTEGER |
|
RlSecuritySuiteMartianAddrAllEntry |
|
SEQUENCE |
|
|
|
|
rlSecuritySuiteMartianAddr |
IpAddress |
|
|
rlSecuritySuiteMartianAddrNetMask |
IpAddress |
|
|
rlSecuritySuiteAllMartianEntryType |
RlSecuritySuiteAllMartianEntryType |
|
RlDoSAttackMartianAddrEntry |
|
SEQUENCE |
|
|
|
|
rlSecuritySuiteMartianAddrStatus |
RowStatus |
|
RlSecuritySuiteDoSSynAttackEntry |
|
SEQUENCE |
|
|
|
|
rlSecuritySuiteDoSSynAttackIfIndex |
InterfaceIndex |
|
|
rlSecuritySuiteDoSSynAttackAddr |
IpAddress |
|
|
rlSecuritySuiteDoSSynAttackNetMask |
IpAddress |
|
|
rlSecuritySuiteDoSSynAttackSynRate |
INTEGER |
|
|
rlSecuritySuiteDoSSynAttackStatus |
RowStatus |
|
RlSecuritySuiteDenyTypesEntry |
|
SEQUENCE |
|
|
|
|
rlSecuritySuiteDenyIfIndex |
InterfaceIndex |
|
|
rlSecuritySuiteDenyAttackType |
RlSecuritySuiteDenyAttackType |
|
|
rlSecuritySuiteDenyDestAddr |
IpAddress |
|
|
rlSecuritySuiteDenyNetMask |
IpAddress |
|
|
rlSecuritySuiteDenyDestPort |
INTEGER |
|
|
rlSecuritySuiteDenyStatus |
RowStatus |
|
RlSecuritySuiteSynProtectionPortEntry |
|
SEQUENCE |
|
|
|
|
rlSecuritySuiteSynProtectionPortMode |
RlSecuritySuiteSynProtectionPortMode |
|
|
rlSecuritySuiteSynProtectionPortModeLastTimeAttack |
RlSecuritySuiteSynProtectionPortMode |
|
|
rlSecuritySuiteSynProtectionPortLastTimeAttack |
DisplayString |
|
Defined Values
rlSecuritySuiteMib |
1.3.6.1.4.1.89.120 |
The private MIB module definition for blocking attacks
such as DoS(=Denial Of Service), SYN and well known viruses Attacks
in Radlan devices. |
MODULE-IDENTITY |
|
|
|
rlSecuritySuiteKnownDoSAttacksEntry |
1.3.6.1.4.1.89.120.2.1 |
Each entry in this table describes one well known DoS attack address |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
RlSecuritySuiteKnownDoSAttacksEntry |
|
|
rlSecuritySuiteKnownDoSAttacksDetailsEntry |
1.3.6.1.4.1.89.120.3.1 |
Each entry in this table describes one well known DoS attack address , |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
RlSecuritySuiteKnownDoSAttacksDetailsEntry |
|
|
rlSecuritySuiteReservedMartianAddresses |
1.3.6.1.4.1.89.120.4 |
This scalar globally enables/disables discarding of the IP
well-known addresses described below:
-------------------------------------------------------------------------------
| Address block | Present use
|-------------------------------------------------------------------------------
|0.0.0.0/8 | Addresses in this block refer to source hosts
|(except 0.0.0.0/32 | on 'this' network.
| as source address) |
|------------------------------------------------------------------------------
|127.0.0.0/8 | This block is assigned for use as the Internet host loop-back address.
|-----------------------------------------------------------------------------------------------------
|192.0.2.0/24 | This block is assigned as 'TEST-NET'
| | for use in documentation and example code.
|---------------------------------------------------------------------------
|224.0.0.0/4 as source. | This block, formerly known as the Class D address space,
| | is allocated for use in IPv4 multicast address assignments.
|-------------------------------------------------------------------------------------------
|240.0.0.0/4 |
|(except 255.255.255.255/32 | This block, formerly known as the Class E address space, is reserved.
| as destination address) |
|-------------------------------------------------------------------------------------------------------
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
rlSecuritySuiteMartianAddrAllEntry |
1.3.6.1.4.1.89.120.5.1 |
Each entry in this table describes one Martian address ,
packets with this address as IP source or IP destination, are discarded. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
RlSecuritySuiteMartianAddrAllEntry |
|
|
rlSecuritySuiteMartianAddr |
1.3.6.1.4.1.89.120.5.1.1 |
An IP address to discard all packets with that address as source
or destination |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
rlSecuritySuiteAllMartianEntryType |
1.3.6.1.4.1.89.120.5.1.3 |
Specific the entry origin: pre-defined (reserved) of statically configured. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
RlSecuritySuiteAllMartianEntryType |
|
|
rlSecuritySuiteMartianAddrEntry |
1.3.6.1.4.1.89.120.6.1 |
Each entry in this table describes one Martian address ,
packets with this address as IP source or IP destination, are discarded. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
RlDoSAttackMartianAddrEntry |
|
|
rlSecuritySuiteDoSSynAttackEntry |
1.3.6.1.4.1.89.120.7.1 |
Each entry in this table describes one Martian address ,
packets with this address as IP source or IP destination, are discarded. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
RlSecuritySuiteDoSSynAttackEntry |
|
|
rlSecuritySuiteDoSSynAttackNetMask |
1.3.6.1.4.1.89.120.7.1.3 |
Relevant when rlSecuritySuiteSynAttackRangeType equals prefix(2).
Specify the number of bits that comprise the destination
IP address prefix. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
rlSecuritySuiteDoSSynAttackSynRate |
1.3.6.1.4.1.89.120.7.1.4 |
Specify the maximum connections per second allowed from this IP address
and rlSecuritySuiteSynAttackPortList |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
rlSecuritySuiteDenyTypesEntry |
1.3.6.1.4.1.89.120.8.1 |
Each entry in this table describes one ip address, TCP port and
list of ifIndexes, that packets with these attributes are discarded. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
RlSecuritySuiteDenyTypesEntry |
|
|
rlSecuritySuiteDenyDestAddr |
1.3.6.1.4.1.89.120.8.1.3 |
An IP address to discard all packets with that address as destination |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
rlSecuritySuiteDenyNetMask |
1.3.6.1.4.1.89.120.8.1.4 |
Relevant when rlSecuritySuiteDenyTCPRangeType equals mask(1).
Specify the number of bits that comprise the destination
IP address prefix. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
rlSecuritySuiteDenyDestPort |
1.3.6.1.4.1.89.120.8.1.5 |
Destination TCP port.
Use 65553 to specify all ports.
This key-field is relevant in specific attack types (not all)
Use 0 when not relevant. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
rlSecuritySuiteDenyStatus |
1.3.6.1.4.1.89.120.8.1.6 |
The status of a table entry.
It is used to delete/Add an entry from this table. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
rlSecuritySuiteSynProtectionMode |
1.3.6.1.4.1.89.120.10 |
This scalar globally set protection mode on TCP SYN traffic.
Disabled - the system doesn't support protection against TCP SYN attack.
Report - the system doesn't support protection against TCP SYN attack,but reports about it.
Block - the systems supports protection against TCP SYN attack by blocking this traffic on the port. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
RlSecuritySuiteSynProtectionMode |
|
|
rlSecuritySuiteSynProtectionTreshold |
1.3.6.1.4.1.89.120.11 |
This scalar globally set protection mode treshold value in packet per second
on TCP SYN traffic. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
rlSecuritySuiteSynProtectionPortEntry |
1.3.6.1.4.1.89.120.13.1 |
Each entry in this table describes TCP SYN protection status for one port. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
RlSecuritySuiteSynProtectionPortEntry |
|
|