CISCOSB-SECURITY-SUITE Table View

Table-centric layout grouping table, row, and column objects.

Standard view Table view
Tables
7
Rows
7
Columns
23

rlSecuritySuiteKnownDoSAttacksTable

table
.1.3.6.1.4.1.9.6.1.101.120.2 · 1 row entry · 2 columns
Open in standard view 
This table enables/disable well-know DoS attacks,
applied globally to all ifIndexes.
rlSecuritySuiteKnownDoSAttacksEntry entry .1.3.6.1.4.1.9.6.1.101.120.2.1
Each entry in this table describes one well known DoS attack address
Indexes
rlSecuritySuiteKnownDoSAttack
Column Syntax OID
rlSecuritySuiteKnownDoSAttack
A well-known DoS attack to enable
RlSecuritySuiteKnownDosAttackType
Textual Convention: RlSecuritySuiteKnownDosAttackType Enumeration
Type Values:
1stacheldraht
2invasor-Trojan
3back-orifice-Trojan
 .1.3.6.1.4.1.9.6.1.101.120.2.1.1
rlSecuritySuiteKnownDoSAttackEnable
Enable/Disable a well-known DoS attack
SNMPv2-TCTruthValuer/w
Textual Convention: SNMPv2-TCTruthValue Enumeration
Type Values:
1true
2false
 .1.3.6.1.4.1.9.6.1.101.120.2.1.2

rlSecuritySuiteKnownDoSAttacksDetailsTable

table
.1.3.6.1.4.1.9.6.1.101.120.3 · 1 row entry · 3 columns
Open in standard view 
This read-only table used to present the detailed attributes
of each well-known DoS attack. Used for presentation propose only.
rlSecuritySuiteKnownDoSAttacksDetailsEntry entry .1.3.6.1.4.1.9.6.1.101.120.3.1
Each entry in this table describes one well known DoS attack address ,
Indexes
rlSecuritySuiteKnownDoSAttack
Column Syntax OID
rlSecuritySuiteKnownDoSAttackProtocl
Specifies the protocol type of the relevant well-known attack
RlSecuritySuiteKnownDosAttackProtocolType
Textual Convention: RlSecuritySuiteKnownDosAttackProtocolType Enumeration
Type Values:
1tcp
2upd
 .1.3.6.1.4.1.9.6.1.101.120.3.1.1
rlSecuritySuiteKnownDoSAttackSrcTcpUdpPort
Specifies the source tcp/udp port of the relevant well-known attack
Integer32
Textual Convention: COPS-PR-SPPIInteger32 Integer32
Type Constraints:
range: -2147483648..2147483647
 .1.3.6.1.4.1.9.6.1.101.120.3.1.2
rlSecuritySuiteKnownDoSAttackDestTcpUdpPort
Specifies the destination tcp/udp port of the relevant well-known attack
Integer32
Textual Convention: COPS-PR-SPPIInteger32 Integer32
Type Constraints:
range: -2147483648..2147483647
 .1.3.6.1.4.1.9.6.1.101.120.3.1.3

rlSecuritySuiteMartianAddrAllTable

table
.1.3.6.1.4.1.9.6.1.101.120.5 · 1 row entry · 3 columns
Open in standard view 
This read-only table specifies all current configured Martian addresses -
both pre-defined (=reserved) and used-configured (=static) addresses
rlSecuritySuiteMartianAddrAllEntry entry .1.3.6.1.4.1.9.6.1.101.120.5.1
Each entry in this table describes one Martian address ,
packets with this address as IP source or IP destination, are discarded.
Indexes
rlSecuritySuiteMartianAddr rlSecuritySuiteMartianAddrNetMask
Column Syntax OID
rlSecuritySuiteMartianAddr
An IP address to discard all packets with that address as source
or destination
SNMPv2-SMIIpAddress
Textual Convention: SNMPv2-SMIIpAddress OctetString
Type Constraints:
range: 4
 .1.3.6.1.4.1.9.6.1.101.120.5.1.1
rlSecuritySuiteMartianAddrNetMask
Specify the net mask that comprise the destination IP address prefix.
SNMPv2-SMIIpAddress
Textual Convention: SNMPv2-SMIIpAddress OctetString
Type Constraints:
range: 4
 .1.3.6.1.4.1.9.6.1.101.120.5.1.2
rlSecuritySuiteAllMartianEntryType
Specific the entry origin: pre-defined (reserved) of statically configured.
RlSecuritySuiteAllMartianEntryType
Textual Convention: RlSecuritySuiteAllMartianEntryType Enumeration
Type Values:
1reserved
2static
 .1.3.6.1.4.1.9.6.1.101.120.5.1.3

rlSecuritySuiteMartianAddrTable

table
.1.3.6.1.4.1.9.6.1.101.120.6 · 1 row entry · 1 columns
Open in standard view 
This table specifies the Martian addresses -
the addresses that packets with these IP addressed as source or
destination are discarded.
rlSecuritySuiteMartianAddrEntry entry .1.3.6.1.4.1.9.6.1.101.120.6.1
Each entry in this table describes one Martian address ,
packets with this address as IP source or IP destination, are discarded.
Indexes
rlSecuritySuiteMartianAddr rlSecuritySuiteMartianAddrNetMask
Column Syntax OID
rlSecuritySuiteMartianAddrStatus
The status of a table entry.
It is used to delete/Add an entry from this table.
SNMPv2-TCRowStatusr/w
Textual Convention: SNMPv2-TCRowStatus Enumeration
Type Values:
1active
2notInService
3notReady
4createAndGo
5createAndWait
6destroy
 .1.3.6.1.4.1.9.6.1.101.120.6.1.1

rlSecuritySuiteDoSSynAttackTable

table
.1.3.6.1.4.1.9.6.1.101.120.7 · 1 row entry · 5 columns
Open in standard view 
This table contains IP address and rate, to limit DoS SYN attacks from
a specific IP address and interface(s)
rlSecuritySuiteDoSSynAttackEntry entry .1.3.6.1.4.1.9.6.1.101.120.7.1
Each entry in this table describes one Martian address ,
packets with this address as IP source or IP destination, are discarded.
Indexes
rlSecuritySuiteDoSSynAttackIfIndex rlSecuritySuiteDoSSynAttackAddr rlSecuritySuiteDoSSynAttackNetMask
Column Syntax OID
rlSecuritySuiteDoSSynAttackIfIndex
Interface which the attack is applied on
IF-MIBInterfaceIndex
Textual Convention: IF-MIBInterfaceIndex Integer32
Type Constraints:
range: 1..2147483647
 .1.3.6.1.4.1.9.6.1.101.120.7.1.1
rlSecuritySuiteDoSSynAttackAddr
An IP address to discard all packets with that address as destination
SNMPv2-SMIIpAddress
Textual Convention: SNMPv2-SMIIpAddress OctetString
Type Constraints:
range: 4
 .1.3.6.1.4.1.9.6.1.101.120.7.1.2
rlSecuritySuiteDoSSynAttackNetMask
Relevant when rlSecuritySuiteSynAttackRangeType equals prefix(2).
Specify the number of bits that comprise the destination
IP address prefix.
SNMPv2-SMIIpAddress
Textual Convention: SNMPv2-SMIIpAddress OctetString
Type Constraints:
range: 4
 .1.3.6.1.4.1.9.6.1.101.120.7.1.3
rlSecuritySuiteDoSSynAttackSynRate
Specify the maximum connections per second allowed from this IP address
and rlSecuritySuiteSynAttackPortList
Integer32r/w
Textual Convention: COPS-PR-SPPIInteger32 Integer32
Type Constraints:
range: -2147483648..2147483647
 .1.3.6.1.4.1.9.6.1.101.120.7.1.4
rlSecuritySuiteDoSSynAttackStatus
The status of a table entry.
It is used to delete/Add an entry from this table.
SNMPv2-TCRowStatusr/w
Textual Convention: SNMPv2-TCRowStatus Enumeration
Type Values:
1active
2notInService
3notReady
4createAndGo
5createAndWait
6destroy
 .1.3.6.1.4.1.9.6.1.101.120.7.1.6

rlSecuritySuiteDenyTypesTable

table
.1.3.6.1.4.1.9.6.1.101.120.8 · 1 row entry · 6 columns
Open in standard view 
This table specifies the ip address and TCP ports that
TCP SYN packets from them on a specific interfaces are dropped.
rlSecuritySuiteDenyTypesEntry entry .1.3.6.1.4.1.9.6.1.101.120.8.1
Each entry in this table describes one ip address, TCP port and
list of ifIndexes, that packets with these attributes are discarded.
Indexes
rlSecuritySuiteDenyIfIndex rlSecuritySuiteDenyAttackType rlSecuritySuiteDenyDestAddr rlSecuritySuiteDenyNetMask rlSecuritySuiteDenyDestPort
Column Syntax OID
rlSecuritySuiteDenyIfIndex
Interface which the attack is applied on
IF-MIBInterfaceIndex
Textual Convention: IF-MIBInterfaceIndex Integer32
Type Constraints:
range: 1..2147483647
 .1.3.6.1.4.1.9.6.1.101.120.8.1.1
rlSecuritySuiteDenyAttackType
The specific deny attack type
RlSecuritySuiteDenyAttackType
Textual Convention: RlSecuritySuiteDenyAttackType Enumeration
Type Values:
1syn
2icmp-echo-request
3fragmented
 .1.3.6.1.4.1.9.6.1.101.120.8.1.2
rlSecuritySuiteDenyDestAddr
An IP address to discard all packets with that address as destination
SNMPv2-SMIIpAddress
Textual Convention: SNMPv2-SMIIpAddress OctetString
Type Constraints:
range: 4
 .1.3.6.1.4.1.9.6.1.101.120.8.1.3
rlSecuritySuiteDenyNetMask
Relevant when rlSecuritySuiteDenyTCPRangeType equals mask(1).
Specify the number of bits that comprise the destination
IP address prefix.
SNMPv2-SMIIpAddress
Textual Convention: SNMPv2-SMIIpAddress OctetString
Type Constraints:
range: 4
 .1.3.6.1.4.1.9.6.1.101.120.8.1.4
rlSecuritySuiteDenyDestPort
Destination TCP port.
Use 65553 to specify all ports.
This key-field is relevant in specific attack types (not all)
Use 0 when not relevant.
Integer32
Textual Convention: COPS-PR-SPPIInteger32 Integer32
Type Constraints:
range: -2147483648..2147483647
 .1.3.6.1.4.1.9.6.1.101.120.8.1.5
rlSecuritySuiteDenyStatus
The status of a table entry.
It is used to delete/Add an entry from this table.
SNMPv2-TCRowStatusr/w
Textual Convention: SNMPv2-TCRowStatus Enumeration
Type Values:
1active
2notInService
3notReady
4createAndGo
5createAndWait
6destroy
 .1.3.6.1.4.1.9.6.1.101.120.8.1.6

rlSecuritySuiteSynProtectionPortTable

table
.1.3.6.1.4.1.9.6.1.101.120.13 · 1 row entry · 3 columns
Open in standard view 
This table keeps SYN protection status per port.
rlSecuritySuiteSynProtectionPortEntry entry .1.3.6.1.4.1.9.6.1.101.120.13.1
Each entry in this table describes TCP SYN protection status for one port.
Indexes
IF-MIBifIndex
Column Syntax OID
rlSecuritySuiteSynProtectionPortMode
The port's TCP SYN protection mode.
RlSecuritySuiteSynProtectionPortMode
Textual Convention: RlSecuritySuiteSynProtectionPortMode Enumeration
Type Values:
1normal
2attacked
3blocked
 .1.3.6.1.4.1.9.6.1.101.120.13.1.1
rlSecuritySuiteSynProtectionPortModeLastTimeAttack
The port's TCP SYN protection last attack time mode.
RlSecuritySuiteSynProtectionPortMode
Textual Convention: RlSecuritySuiteSynProtectionPortMode Enumeration
Type Values:
1normal
2attacked
3blocked
 .1.3.6.1.4.1.9.6.1.101.120.13.1.2
rlSecuritySuiteSynProtectionPortLastTimeAttack
The port's TCP SYN protection last attack time.
SNMPv2-TCDisplayString
Textual Convention: SNMPv2-TCDisplayString OctetString
Type Constraints:
range: 0..255
 .1.3.6.1.4.1.9.6.1.101.120.13.1.3