CISCOSB-SECURITY-SUITE: View SNMP OID List / Download MIB

VENDOR: CISCO


 Home MIB: CISCOSB-SECURITY-SUITE
Download as:   

Download standard MIB format if you are planning to load a MIB file into some system (OS, Zabbix, PRTG ...) or view it with a MIB browser. CSV is more suitable for analyzing and viewing OID' and other MIB objects in excel. JSON and YAML formats are usually used in programing even though some systems can use MIB in YAML format (like Logstash).
Keep in mind that standard MIB files can be successfully loaded by systems and programs only if all the required MIB's from the "Imports" section are already loaded.
The tree-like SNMP object navigator requires no explanations because it is very simple to use. And if you stumbled on this MIB from Google note that you can always go back to the home page if you need to perform another MIB or OID lookup.


Object Name OID Type Access Info
 rlSecuritySuiteMib 1.3.6.1.4.1.9.6.1.101.120
The private MIB module definition for blocking attacks such as DoS(=Denial Of Service), SYN and well known viruses Attacks in CISCOSB devices.
         rlSecuritySuiteGlobalEnable 1.3.6.1.4.1.9.6.1.101.120.1 rlsecuritysuiteglobalenabletype read-write
This scalar globally enables/disables the DoS attack Suite.
         rlSecuritySuiteKnownDoSAttacksTable 1.3.6.1.4.1.9.6.1.101.120.2 no-access
This table enables/disable well-know DoS attacks, applied globally to all ifIndexes.
             rlSecuritySuiteKnownDoSAttacksEntry 1.3.6.1.4.1.9.6.1.101.120.2.1 no-access
Each entry in this table describes one well known DoS attack address
                 rlSecuritySuiteKnownDoSAttack 1.3.6.1.4.1.9.6.1.101.120.2.1.1 rlsecuritysuiteknowndosattacktype no-access
A well-known DoS attack to enable
                 rlSecuritySuiteKnownDoSAttackEnable 1.3.6.1.4.1.9.6.1.101.120.2.1.2 truthvalue read-write
Enable/Disable a well-known DoS attack
         rlSecuritySuiteKnownDoSAttacksDetailsTable 1.3.6.1.4.1.9.6.1.101.120.3 no-access
This read-only table used to present the detailed attributes of each well-known DoS attack. Used for presentation propose only.
             rlSecuritySuiteKnownDoSAttacksDetailsEntry 1.3.6.1.4.1.9.6.1.101.120.3.1 no-access
Each entry in this table describes one well known DoS attack address ,
                 rlSecuritySuiteKnownDoSAttackProtocl 1.3.6.1.4.1.9.6.1.101.120.3.1.1 rlsecuritysuiteknowndosattackprotocoltype read-only
Specifies the protocol type of the relevant well-known attack
                 rlSecuritySuiteKnownDoSAttackSrcTcpUdpPort 1.3.6.1.4.1.9.6.1.101.120.3.1.2 integer read-only
Specifies the source tcp/udp port of the relevant well-known attack
                 rlSecuritySuiteKnownDoSAttackDestTcpUdpPort 1.3.6.1.4.1.9.6.1.101.120.3.1.3 integer read-only
Specifies the destination tcp/udp port of the relevant well-known attack
         rlSecuritySuiteReservedMartianAddresses 1.3.6.1.4.1.9.6.1.101.120.4 truthvalue read-write
This scalar globally enables/disables discarding of the IP well-known addresses described below: ------------------------------------------------------------------------------- | Address block | Present use |------------------------------------------------------------------------------- |0.0.0.0/8 | Addresses in this block refer to source hosts |(except 0.0.0.0/32 | on 'this' network. | as source address) | |------------------------------------------------------------------------------ |127.0.0.0/8 | This block is assigned for use as the Internet host loop-back address. |----------------------------------------------------------------------------------------------------- |192.0.2.0/24 | This block is assigned as 'TEST-NET' | | for use in documentation and example code. |--------------------------------------------------------------------------- |224.0.0.0/4 as source. | This block, formerly known as the Class D address space, | | is allocated for use in IPv4 multicast address assignments. |------------------------------------------------------------------------------------------- |240.0.0.0/4 | |(except 255.255.255.255/32 | This block, formerly known as the Class E address space, is reserved. | as destination address) | |-------------------------------------------------------------------------------------------------------
         rlSecuritySuiteMartianAddrAllTable 1.3.6.1.4.1.9.6.1.101.120.5 no-access
This read-only table specifies all current configured Martian addresses - both pre-defined (=reserved) and used-configured (=static) addresses
             rlSecuritySuiteMartianAddrAllEntry 1.3.6.1.4.1.9.6.1.101.120.5.1 no-access
Each entry in this table describes one Martian address , packets with this address as IP source or IP destination, are discarded.
                 rlSecuritySuiteMartianAddr 1.3.6.1.4.1.9.6.1.101.120.5.1.1 ipaddress no-access
An IP address to discard all packets with that address as source or destination
                 rlSecuritySuiteMartianAddrNetMask 1.3.6.1.4.1.9.6.1.101.120.5.1.2 ipaddress no-access
Specify the net mask that comprise the destination IP address prefix.
                 rlSecuritySuiteAllMartianEntryType 1.3.6.1.4.1.9.6.1.101.120.5.1.3 rlsecuritysuiteallmartianentrytype read-only
Specific the entry origin: pre-defined (reserved) of statically configured.
         rlSecuritySuiteMartianAddrTable 1.3.6.1.4.1.9.6.1.101.120.6 no-access
This table specifies the Martian addresses - the addresses that packets with these IP addressed as source or destination are discarded.
             rlSecuritySuiteMartianAddrEntry 1.3.6.1.4.1.9.6.1.101.120.6.1 no-access
Each entry in this table describes one Martian address , packets with this address as IP source or IP destination, are discarded.
                 rlSecuritySuiteMartianAddrStatus 1.3.6.1.4.1.9.6.1.101.120.6.1.1 rowstatus read-only
The status of a table entry. It is used to delete/Add an entry from this table.
         rlSecuritySuiteDoSSynAttackTable 1.3.6.1.4.1.9.6.1.101.120.7 no-access
This table contains IP address and rate, to limit DoS SYN attacks from a specific IP address and interface(s)
             rlSecuritySuiteDoSSynAttackEntry 1.3.6.1.4.1.9.6.1.101.120.7.1 no-access
Each entry in this table describes one Martian address , packets with this address as IP source or IP destination, are discarded.
                 rlSecuritySuiteDoSSynAttackIfIndex 1.3.6.1.4.1.9.6.1.101.120.7.1.1 interfaceindex no-access
Interface which the attack is applied on
                 rlSecuritySuiteDoSSynAttackAddr 1.3.6.1.4.1.9.6.1.101.120.7.1.2 ipaddress no-access
An IP address to discard all packets with that address as destination
                 rlSecuritySuiteDoSSynAttackNetMask 1.3.6.1.4.1.9.6.1.101.120.7.1.3 ipaddress no-access
Relevant when rlSecuritySuiteSynAttackRangeType equals prefix(2). Specify the number of bits that comprise the destination IP address prefix.
                 rlSecuritySuiteDoSSynAttackSynRate 1.3.6.1.4.1.9.6.1.101.120.7.1.4 integer read-only
Specify the maximum connections per second allowed from this IP address and rlSecuritySuiteSynAttackPortList
                 rlSecuritySuiteDoSSynAttackStatus 1.3.6.1.4.1.9.6.1.101.120.7.1.6 rowstatus read-only
The status of a table entry. It is used to delete/Add an entry from this table.
         rlSecuritySuiteDenyTypesTable 1.3.6.1.4.1.9.6.1.101.120.8 no-access
This table specifies the ip address and TCP ports that TCP SYN packets from them on a specific interfaces are dropped.
             rlSecuritySuiteDenyTypesEntry 1.3.6.1.4.1.9.6.1.101.120.8.1 no-access
Each entry in this table describes one ip address, TCP port and list of ifIndexes, that packets with these attributes are discarded.
                 rlSecuritySuiteDenyIfIndex 1.3.6.1.4.1.9.6.1.101.120.8.1.1 interfaceindex no-access
Interface which the attack is applied on
                 rlSecuritySuiteDenyAttackType 1.3.6.1.4.1.9.6.1.101.120.8.1.2 rlsecuritysuitedenyattacktype no-access
The specific deny attack type
                 rlSecuritySuiteDenyDestAddr 1.3.6.1.4.1.9.6.1.101.120.8.1.3 ipaddress no-access
An IP address to discard all packets with that address as destination
                 rlSecuritySuiteDenyNetMask 1.3.6.1.4.1.9.6.1.101.120.8.1.4 ipaddress no-access
Relevant when rlSecuritySuiteDenyTCPRangeType equals mask(1). Specify the number of bits that comprise the destination IP address prefix.
                 rlSecuritySuiteDenyDestPort 1.3.6.1.4.1.9.6.1.101.120.8.1.5 integer no-access
Destination TCP port. Use 65553 to specify all ports. This key-field is relevant in specific attack types (not all) Use 0 when not relevant.
                 rlSecuritySuiteDenyStatus 1.3.6.1.4.1.9.6.1.101.120.8.1.6 rowstatus read-only
The status of a table entry. It is used to delete/Add an entry from this table.
         rlSecuritySuiteDenySynFinTcp 1.3.6.1.4.1.9.6.1.101.120.9 rlsecuritysuitedenysynfintcp read-write
This scalar globally enable or disable dropping of tcp packets with both SYN and FIN flags enabled.
         rlSecuritySuiteSynProtectionMode 1.3.6.1.4.1.9.6.1.101.120.10 rlsecuritysuitesynprotectionmode read-write
This scalar globally set protection mode on TCP SYN traffic. Disabled - the system doesn't support protection against TCP SYN attack. Report - the system doesn't support protection against TCP SYN attack,but reports about it. Block - the systems supports protection against TCP SYN attack by blocking this traffic on the port.
         rlSecuritySuiteSynProtectionTreshold 1.3.6.1.4.1.9.6.1.101.120.11 integer read-write
This scalar globally set protection mode treshold value in packet per second on TCP SYN traffic.
         rlSecuritySuiteSynProtectionRecoveryTimeout 1.3.6.1.4.1.9.6.1.101.120.12 integer read-write
This scalar globally set protection reovery time out in secounds.
         rlSecuritySuiteSynProtectionPortTable 1.3.6.1.4.1.9.6.1.101.120.13 no-access
This table keeps SYN protection status per port.
               rlSecuritySuiteSynProtectionPortEntry 1.3.6.1.4.1.9.6.1.101.120.13.1 no-access
Each entry in this table describes TCP SYN protection status for one port.
                   rlSecuritySuiteSynProtectionPortMode 1.3.6.1.4.1.9.6.1.101.120.13.1.1 rlsecuritysuitesynprotectionportmode read-only
The port's TCP SYN protection mode.
                   rlSecuritySuiteSynProtectionPortModeLastTimeAttack 1.3.6.1.4.1.9.6.1.101.120.13.1.2 rlsecuritysuitesynprotectionportmode read-only
The port's TCP SYN protection last attack time mode.
                   rlSecuritySuiteSynProtectionPortLastTimeAttack 1.3.6.1.4.1.9.6.1.101.120.13.1.3 displaystring read-only
The port's TCP SYN protection last attack time.