lntUnAuthAccessEvent
Lannet-Trapsv2-MIB ·
.1.3.6.1.4.1.81.38.13.0.68
Object
notification
Notification on unauthorized login attempts.
o For CLI and SNMP login failures:
Both SNMP SSH and WEB management interfaces shall identify
situation and alert.
The reported information should include wrong user name,
host name and IP address of remote host. Passwords is not
reported because of the possibility to reveal password.
o For pre-shared-key (PSK) authentication failure in IKE:
* lntUnauthUserName -
- In IKE AM: the ID sent by the remote peer in the ID
payload.
- In IKE MM: the ID associated with the remote peer IP
in the running configuration.
* lntUnauthIpAddress - the source IP of the packet sent
by the remote peer.
* lntUnauthProtocol - lntIKEAccess(500)
Context
- MIB
- Lannet-Trapsv2-MIB
- OID
.1.3.6.1.4.1.81.38.13.0.68- Type
- notification
- Status
- current
- Parent
- lntSecurityPrefix
- Siblings
- 9
Syntax
No syntax metadata recorded.
Values & Constraints
No enumerated values or constraints recorded.
Related Objects
Sibling Objects
| Object | Type | Syntax | OID |
|---|---|---|---|
| lntUnknownHostCopyEvent Event generated on attempt to accomplish download/upload file
transfer using SCP/SFTP protocol to unknown host. | notification | - | .1.3.6.1.4.1.81.38.13.0.1002 |
| lntAccountLockoutEvent After configurable number of failed attempts to authenticate a user, device
penalized by locking them out for a pre-specified amount of time. | notification | - | .1.3.6.1.4.1.81.38.13.0.1003 |
| lntLicenseStartupValidationFlt At start-up, the product validates the license file
scheme and the license signature. On inconsistency the product
issues this tarp and then returns to the factory-default featu… | notification | - | .1.3.6.1.4.1.81.38.13.0.1004 |
| lntLicenseDownloadValidationFlt During the license file download, the product validates the license file
scheme and the license signature. On inconsistency the product
aborts download process, sends this notif… | notification | - | .1.3.6.1.4.1.81.38.13.0.1005 |
| lntDot1xMaxAuthRateReachedEvent This trap notifies the management station that maximum rate of 802.1x
authentications has been reached in module $1 . | notification | - | .1.3.6.1.4.1.81.38.13.0.1006 |
| lntDot1xAuthFailureEvent This trap notifies the management station that device with MAC address
$1 failed to authenticate module/port $2/$3 due to $4 | notification | - | .1.3.6.1.4.1.81.38.13.0.1007 |
| lntDot1xMaxAuthModuleNumReachedEvent This trap notifies the management station that Authentication denied due to
maximum number of authentication of 802.1x $1 per module $2 has been reached. | notification | - | .1.3.6.1.4.1.81.38.13.0.1008 |
| lntDot1xMaxAuthPortNumReachedEvent This trap notifies the management station that Authentication denied due to
maximum number of authentication of 802.1x $1 per module/port $2/$3 has been reached. | notification | - | .1.3.6.1.4.1.81.38.13.0.1009 |
| lntMACSecurityEvent This trap notifies the management station of the security violation.
It gives the slot number of the board, the port on the board and the
source MAC address extracted from the fra… | notification | - | .1.3.6.1.4.1.81.38.13.0.104 |
Notification Objects
| Object | Type | Syntax | OID |
|---|---|---|---|
| lntUnauthUserName The name of the user who's attempt to access device was identified as unauthorized. | scalar | OctetString | .1.3.6.1.4.1.81.38.14.3 |
| lntUnauthIpAddress The IP address of access violating station | scalar | RFC1155-SMIIpAddress | .1.3.6.1.4.1.81.38.14.4 |
| lntUnauthProtocol The management protocol employed for the unauthorized access -
lntSSHAccess(22) -- SSH protocol
lntTELNETAccess(23), --Telnet protocol
lntHTTPAccess(80), -- HT… | scalar | Enumeration | .1.3.6.1.4.1.81.38.14.5 |