Observium_CE/mibs/broadcom/BRCM-SSH-MGMT-MIB


--**************************************************************************
--
-- Copyright 2006 Broadcom Corporation
-- All Rights Reserved
-- No portions of this material may be reproduced in any form without the
-- written permission of:
-- Broadcom Corporation
-- 16251 Laguna Canyon Road
-- Irvine, California 92618
-- All information contained in this document is Broadcom Corporation
-- company private, proprietary, and trade secret.
--
--
--
--**************************************************************************
-- Filename: brcm-ssh-mgmt.mib
-- Author: Kevin O'Neal
-- Creation Date: October 27, 2005
--
--**************************************************************************
-- Description:
--
-- private MIB for runtime management of secure shell.
--
--**************************************************************************
-- Revision History:
--
--**************************************************************************
BRCM-SSH-MGMT-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY,
OBJECT-TYPE,
NOTIFICATION-TYPE,
Integer32,
Unsigned32,
IpAddress,
TimeTicks
FROM SNMPv2-SMI
DisplayString,
TruthValue
FROM SNMPv2-TC
InetAddressType,
InetAddress
FROM INET-ADDRESS-MIB
cableDataMgmtBase
FROM BRCM-CABLEDATA-MGMT-MIB;
-- Module identity for the SSH management subtree, registered as child 4 of
-- cableDataMgmtBase (imported from BRCM-CABLEDATA-MGMT-MIB).
-- NOTE(review): this module defines read-write objects for the SSH user
-- name, password, server start/stop, interface enablement and lockout
-- timing. Whoever holds SNMP write access to this subtree therefore controls
-- SSH access to the device. Restrict the subtree with a dedicated access
-- view and, where the agent supports it, SNMPv3 with authentication and
-- privacy.
sshMgmt MODULE-IDENTITY
LAST-UPDATED "200702050000Z"
ORGANIZATION "Broadcom Corporation"
CONTACT-INFO
" BANANA-CABLEDATA
(cableData branch of the
Broadcom Assigned Numbers and Naming Authority)
Broadcom Corporation
Postal: 4385 River Green Parkway
Duluth, GA 30096
USA
Tel: +1 770 232-0018
E-mail: banana-cabledata@broadcom.com"
DESCRIPTION
"Broadcom proprietary MIB for runtime management and configuration
of objects related to SSH (Secure Shell)."
REVISION "200702050000Z"
DESCRIPTION
"Module description was updated.
Compilability issues were cleaned up:
- Chronological order of revision history was corrected.
- Changed access of objects sshHackerAddressType and
sshHackerAddress from not-accessible to accessible-for-notify
so that they may legally be included in the object list for
the sshHackerTrap notification."
REVISION "200609290000Z"
DESCRIPTION
"Added object sshHackerInactivityTimeout."
REVISION "200602020000Z"
DESCRIPTION
"Added object sshSessionInactivityTimeout."
REVISION "200510270000Z"
DESCRIPTION
"Initial version of this MIB module."
::= { cableDataMgmtBase 4 }
-- Bit mask selecting the IP stack interfaces on which the SSH server is
-- active, one bit per interface (interface1 .. interface8).
-- DEFVAL '00'h has no bit set, so SSH is active on no interface by default.
-- NOTE(review): the MIB does not say which physical or logical interface
-- each bit maps to. Confirm the mapping on the target platform before
-- setting bits, so that SSH is not exposed on an unintended interface.
sshIpStackInterfaces OBJECT-TYPE
SYNTAX BITS {
interface1(0),
interface2(1),
interface3(2),
interface4(3),
interface5(4),
interface6(5),
interface7(6),
interface8(7)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Controls and reflects the IP stack interfaces on which a ssh server
is active."
DEFVAL { '00'h }
::= { sshMgmt 1 }
-- The user name that is allowed SSH access: a single scalar of 0 to 15
-- characters, empty by default.
-- NOTE(review): the MIB does not state whether an empty user name disables
-- login or matches an empty login name. Verify on the device.
sshUserName OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..15))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Controls and reflects the user name which will be allowed ssh
access."
DEFVAL { "" }
::= { sshMgmt 2 }
-- The password that is allowed SSH access: 0 to 15 characters, empty by
-- default.
-- NOTE(review): MAX-ACCESS is read-write and the DESCRIPTION says the object
-- "reflects" the password, so a GET presumably returns it in clear text.
-- Confirm the agent behaviour. Under SNMPv1/v2c both this value and the
-- community string cross the network unencrypted.
-- Mitigation: exclude this OID from read views where the agent allows it,
-- set it only over SNMPv3 with privacy, and treat NMS poll data or walk
-- output that contains it as secret material.
-- NOTE(review): the MIB does not state whether the empty default permits or
-- denies login. Verify before enabling the server.
sshPassword OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..15))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Controls and reflects the password which will be allowed ssh
access."
DEFVAL { "" }
::= { sshMgmt 3 }
-- Starts (1) or stops (0) the SSH server when written. When read, it
-- reports the current server state.
-- No DEFVAL is given, so this MIB does not define the initial state.
-- NOTE(review): a SET here toggles remote shell availability, so changes to
-- this object are worth logging and alerting on.
sshServerControl OBJECT-TYPE
SYNTAX INTEGER {
stop(0),
start(1)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Used to start or stop the ssh server. When read, indicates
the current state of the server."
::= { sshMgmt 4 }
-- Deprecated IPv4-only form of the "most recently connected device" address.
-- Reads 0.0.0.0 when no session has occurred since the last reboot.
-- Only the most recent peer is reported, so this is not a session history
-- and cannot replace connection logging for audit purposes.
sshSessionIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated -- in favor of sshSessionAddressType and sshSessionAddress
DESCRIPTION
"This object gives the IP address of the most recently connected device.
If no session has taken place since the last reboot, this object will
read 0.0.0.0."
::= { sshMgmt 5 }
-- Read-only flag: true(1) while an SSH session is in progress.
-- NOTE(review): this scalar and the related session objects speak of "a"
-- or "the" session, which suggests a single concurrent session. The MIB
-- does not state a session limit. Confirm.
sshSessionInProgress OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates whether or not a ssh session is currently in progress."
::= { sshMgmt 6 }
-- Action trigger: writing true(1) terminates the session in progress.
-- Writing false(2) does nothing, and a read always returns false(2).
-- Useful for incident response (ending a suspect session). Equally, anyone
-- with write access can disconnect a legitimate administrator, so scope
-- write access accordingly.
sshForceUserLogout OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If a ssh session is currently in progress, setting this object
to true(1) will terminate the session. Setting to false(2) has
no effect. Always returns false(2) when read."
::= { sshMgmt 7 }
-- Address family discriminator (InetAddressType) for sshSessionAddress.
-- Read it together with sshSessionAddress to interpret the address.
sshSessionAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of internet address used for sshSessionAddress."
::= { sshMgmt 8 }
-- Address of the most recently connected device, in the format given by
-- sshSessionAddressType. It is an empty string when no session has occurred
-- since the last reboot.
-- Only the latest peer is kept and the value is lost on reboot, so poll or
-- log it externally if a connection history is needed.
sshSessionAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object gives the address of the most recently connected device.
If no session has taken place since the last reboot, this object will
report an empty string."
::= { sshMgmt 9 }
-- Table of source addresses blacklisted from SSH after repeated failed
-- logins.
-- NOTE(review): the failure threshold ("a number of times") is not defined
-- here, and this MIB has no object to read or configure it. Determine the
-- value from the device documentation or by testing.
sshHackerTable OBJECT-TYPE
SYNTAX SEQUENCE OF SshHackerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of internet addresses which have been blacklisted from ssh
access on this station. Blacklisting occurs when a login attempt
fails a number of times from the given address."
::= { sshMgmt 10 }
-- Conceptual row of sshHackerTable: one row per blacklisted address, indexed
-- by (sshHackerAddressType, sshHackerAddress).
-- No RowStatus or other writable column is defined, so rows cannot be
-- removed through this MIB. Removal depends on sshHackerInactivityTimeout
-- or a reboot.
sshHackerEntry OBJECT-TYPE
SYNTAX SshHackerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry representing a single blacklisted address."
INDEX { sshHackerAddressType, sshHackerAddress }
::= { sshHackerTable 1 }
-- Column layout of a blacklist row: the address type and address (the
-- index), the attempt counter, and the sysUpTime stamp of the last update.
SshHackerEntry ::=
SEQUENCE {
sshHackerAddressType InetAddressType,
sshHackerAddress InetAddress,
sshHackerNumAttempts Unsigned32,
sshHackerLastTime TimeTicks
}
-- Index column: address family of sshHackerAddress.
-- It is accessible-for-notify rather than not-accessible so that it can
-- appear in the OBJECTS list of sshHackerTrap (see the 200702050000Z
-- revision note in the MODULE-IDENTITY).
sshHackerAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The type of internet address used for sshHackerAddress."
::= { sshHackerEntry 1 }
-- Index column: the source address that was blacklisted after repeated
-- failed logins. It is accessible-for-notify so that sshHackerTrap can
-- carry it.
-- NOTE(review): blacklisting is keyed on the address alone. Where several
-- users share one source address (NAT, jump host), one entry presumably
-- blocks all of them. Confirm, and plan an out-of-band recovery path.
sshHackerAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The address of an device which has unsuccessfully attempted to log in
to this station enough times to be blacklisted as a hacker."
::= { sshHackerEntry 2 }
-- Read-only count of login attempts made by the address in this row.
-- NOTE(review): the DESCRIPTION says "attempted to log in" without saying
-- whether only failed attempts are counted, or whether attempts made after
-- blacklisting still increment the counter. Confirm before using the value
-- as a detection threshold.
sshHackerNumAttempts OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of times that the device represented by this entry has
attempted to log in to this station."
::= { sshHackerEntry 3 }
-- sysUpTime value at row creation or at the last increment of
-- sshHackerNumAttempts.
-- The value is relative to agent uptime, not wall-clock time. A collector
-- should record sysUpTime and its own clock at poll time so that the event
-- can be placed on a timeline.
sshHackerLastTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this row was created, or when the value
of sshHackerNumAttempts was last incremented."
::= { sshHackerEntry 4 }
-- Idle timeout for an SSH session, in seconds (0 .. 86400, i.e. up to 24 h).
-- A value of 0 means that sessions are never terminated for inactivity, and
-- 0 is the DEFVAL.
-- NOTE(review): with the default, an unattended session stays open
-- indefinitely. Hardening baselines would normally set a non-zero value.
sshSessionInactivityTimeout OBJECT-TYPE
SYNTAX INTEGER (0..86400)
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object controls the length of time after which an ssh session
will be terminated if there is no activity. Note that if this object
is set to zero, the session will never be terminated due to
inactivity."
DEFVAL { 0 }
::= { sshMgmt 11 }
-- Ageing time for sshHackerTable rows, in seconds (-1 .. 86400).
--   0      : blacklisting is effectively disabled (no address is blocked).
--   -1     : rows never age out; only a reboot clears them (the DEFVAL).
--   1..86400 : a row is removed after that many seconds without a further
--              attempt from its address.
-- NOTE(review): this object is read-write, so a single SET to 0 removes the
-- failed-login lockout. Monitor it for changes and restrict write access.
-- With the default of -1, a blacklisted address stays blocked until reboot,
-- which can also lock out a legitimate management host. Consider a finite
-- value.
sshHackerInactivityTimeout OBJECT-TYPE
SYNTAX INTEGER (-1..86400)
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object controls the length of time after which an entry in the
sshHackerTable will be removed if there are no further attempts to
access the system from the corresponding sshHackerAddress. Note
that if this object is set to zero, the sshHackerTable will be
effectively disabled and no IP addresses will be blacklisted for
unauthorized access. If set to -1, entries in the sshHackerTable
will never be aged out and once blacklisted, only a system reboot
will allow another attempted login from the blacklisted address."
DEFVAL { -1 }
::= { sshMgmt 12 }
--
-- Notifications, aka traps.
--
-- Note that this MIB is rather poorly designed in that all the objects
-- reside immediately under the MODULE-IDENTITY node, so there's no really
-- good node to reserve for traps. So we'll just pick 99 which allows
-- some room to add objects if needed.
--
-- NOTE(review): notifications registered under this node have 99, not 0, as
-- the next-to-last sub-identifier. SMIv2 recommends 0 there so that the
-- SNMPv1 trap and SNMPv2 notification forms translate back and forth
-- without changing the OID. Trap receivers and proxies that translate
-- between versions may therefore present a different OID. Verify the
-- receiver match rules against what the device actually sends.
sshTraps OBJECT IDENTIFIER ::= { sshMgmt 99 }
-- Notification sent when a row is added to sshHackerTable, i.e. when an
-- address has just been blacklisted after repeated failed logins.
-- Varbinds: address type, address, attempt count, and the sysUpTime stamp
-- of the last attempt.
-- NOTE(review): this is the only event signal in the MIB for SSH brute-force
-- activity, so route it to the alerting pipeline. No notification is
-- defined for further attempts from an address that is already listed, and
-- none is sent when sshHackerInactivityTimeout is 0, because the table is
-- then disabled. Polling sshHackerNumAttempts covers the first gap.
sshHackerTrap NOTIFICATION-TYPE
OBJECTS {
sshHackerAddressType,
sshHackerAddress,
sshHackerNumAttempts,
sshHackerLastTime
}
STATUS current
DESCRIPTION
"An entry has been added to the sshHackerTable, indicating repeated
unauthorized login attempts by the device indicated."
::= { sshTraps 1 }
END