2460 lines
88 KiB
Plaintext
2460 lines
88 KiB
Plaintext
-- =============================================================================
|
|
-- Copyright (c) 2010-2013 Hewlett-Packard Development Company, L.P.
|
|
--
|
|
-- Description:
|
|
-- The file defines a MIB to provide wireless detection service feature.
|
|
-- Reference:
|
|
-- Version: V1.7
|
|
-- History:
|
|
-- V1.0 created by shiyang (Richard)
|
|
-- Initial version 2006-08-20
|
|
-- V1.1 2007-05-16 modified by shiyang (Richard)
|
|
-- Add new objects of hpnicfDot11UnauthorSSIDName and hpnicfDot11WIDSAPID.
|
|
-- V1.2 2007-06-19 modified by Deepthi
|
|
-- Changed the hpnicfDot11RogueAPVendorOUI to hpnicfDot11RogueAPVendorName,
|
|
-- Type : OCTET STRING and the Size list: 1: 3 should be removed.
|
|
-- Changed the hpnicfDot11RogueStaVendorOUI to hpnicfDot11RogueStaVendorName,
|
|
-- Type : OCTET STRING and the Size list: 1: 3 should be removed.
|
|
-- Changed the field hpnicfDot11DetectMaxAPSigStrength in
|
|
-- hpnicfDot11WIDSRogueAPExtTable to hpnicfDot11DetectCurAPSigStrength to
|
|
-- hpnicfDot11DetectCurAPSigStrength
|
|
-- Changed the field hpnicfDot11DetectMaxStaSigStrength
|
|
-- HpnicfDot11WIDSRogueStaExtEntry in hpnicfDot11WIDSRogueStaExtTable to
|
|
-- hpnicfDot11DetectCurStaSigStrength
|
|
-- Add new node hpnicfDot11WIDSPermitVendorName in
|
|
-- hpnicfDot11WIDSPermitVendorEntry
|
|
-- Remove the field Country Spec(2), ChannelSpec(3) in
|
|
-- hpnicfDot11WIDSGlobalConfigGroup in hpnicfDot11WIDSScanMode.
|
|
-- Obsolete the node hpnicfDot11WIDSScanChannelList in
|
|
-- hpnicfDot11WIDSGlobalConfigGroup
|
|
-- Add the node hpnicfDot11WIDSScanType to hpnicfDot11WIDSGlobalConfigGroup
|
|
-- V1.3 2008-07-25 modified by heziqi
|
|
-- Add new node hpnicfDot11CntMsrEnable, hpnicfDot11CntMsrMode,
|
|
-- hpnicfDot11DevAgingTime, hpnicfDot11DynBlkListEnable,
|
|
-- hpnicfDot11DynBlkListLifeTime, hpnicfDot11FloodAtkDctEnable,
|
|
-- hpnicfDot11SpoofAtkDctEnable, hpnicfDot11WeakIVAtkDctEnable,
|
|
-- hpnicfDot11ResetWIDSRogueHistory, hpnicfDot11ResetWIDSHistroy,
|
|
-- hpnicfDot11ResetWIDSStatistics, hpnicfDot11ResetAllDynBlkList,
|
|
-- hpnicfDot11ResetAllStcBlkList, hpnicfDot11ResetAllWhtBlkList,
|
|
-- hpnicfDot11ResetAllDctRogueAP, hpnicfDot11ResetAllDctRogueSta,
|
|
-- hpnicfDot11ResetAllDctAdhoc, hpnicfDot11ResetAllDctDevice,
|
|
-- hpnicfDot11ResetAllDctSSID in hpnicfDot11WIDSGlobalConfigGroup.
|
|
-- Add new node hpnicfDot11PermitSSIDDetected
|
|
-- in hpnicfDot11WIDSPermitSSIDTable.
|
|
-- Add new node hpnicfDot11IgnoreMACDetected, hpnicfDot11IgnoreDevType
|
|
-- in hpnicfDot11WIDSIgnoreListTable.
|
|
-- Add new table hpnicfDot11StaticWhiteListTable,
|
|
-- hpnicfDot11StaticBlackListTable, hpnicfDot11WIDSRogueAPTable,
|
|
-- hpnicfDot11WIDSRogueStaTable, hpnicfDot11WIDSDetectedDevTable,
|
|
-- hpnicfDot11WIDSRptAPTable, hpnicfDot11DynBlackListTable,
|
|
-- hpnicfDot11WIDSRogueHistoryTable, hpnicfDot11WIDSAtkHistroyTable
|
|
-- in hpnicfDot11WIDSDetectGroup.
|
|
-- Add hpnicfDot11WIDSAtkStatis in hpnicfDot11WIDSDetectGroup.
|
|
-- Add notification hpnicfDot11WIDSDetectAttack and
|
|
-- hpnicfDot11WIDSDetectWBridge.
|
|
-- V1.4 2009-05-07 modified by Li Yugang, Wang Shaojie, Sun Shuai
|
|
-- Add hpnicfDot11WidsFloodInterval, hpnicfDot11WidsBlackListThreshold,
|
|
-- hpnicfDot11SSIDFilterOnOff, hpnicfDot11BSSIDFilterOnOff to
|
|
-- hpnicfDot11WIDSGlobalConfigGroup.
|
|
-- Add hpnicfDot11WIDSPermitBSSIDTable to hpnicfDot11WIDSConfigGroup.
|
|
-- Add hpnicfDot11WIDSFloodTrap, hpnicfDot11WIDSSpoofTrap,
|
|
-- hpnicfDot11WIDSWeakIVTrap to hpnicfDot11WIDSTraps.
|
|
-- Add hpnicfDot11MonitorAPID,hpnicfDot11MonitorApRadioID,
|
|
-- hpnicfDot11WIDSAtkMac, hpnicfDot11WIDSAtkFrameType
|
|
-- to hpnicfDot11WIDSTrapVarObjects.
|
|
-- V1.5 2009-07-29 modified by heziqi
|
|
-- Add new node hpnicfDot11WIDSDevSnr for hpnicfDot11WIDSDetectedDevTable.
|
|
-- V1.6 2010-01-07 modified by Wang Shaojie
|
|
-- Add new node hpnicfDot11RogueAPFirstDetectTmStr,
|
|
-- hpnicfDot11RogueAPLastDetectTmStr to hpnicfDot11WIDSRogueAPTable
|
|
-- Add new node hpnicfDot11RogueStaFirstDetectTmStr,
|
|
-- hpnicfDot11RogueStaLastDetectTmStr to hpnicfDot11WIDSRogueStaTable
|
|
-- Add hpnicfDot11WIDSAtkChannel, hpnicfDot11WIDSAtkTime,
|
|
-- hpnicfDot11WIDSAtkDestMac to hpnicfDot11WIDSTrapVarObjects.
|
|
-- 2010-03-18 Modified by Deng Gaoliang
|
|
-- Add hpnicfDot11BlackListTable
|
|
-- 2010-05-31 Modified by LiuChen
|
|
-- Add new node hpnicfDot11DynBlackListTimeTicks to
|
|
-- hpnicfDot11DynBlackListTable.
|
|
-- Add new node hpnicfDot11BlackListTimeTicks to
|
|
-- hpnicfDot11BlackListTable.
|
|
-- V1.7 2011-10-28 modified by jiaolibin
|
|
-- Add hpnicfDot11WIDSFirstTrapTime to hpnicfDot11WIDSTrapVarObjects and
|
|
-- varialbe bingings hpnicfDot11WIDSFirstTrapTime for hpnicfDot11WIDSFloodTrap,
|
|
-- hpnicfDot11WIDSSpoofTrap,hpnicfDot11WIDSWeakIVTrap.
|
|
-- =============================================================================
|
|
HPN-ICF-DOT11-WIDS-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
TruthValue,
|
|
MacAddress,
|
|
RowStatus,
|
|
DateAndTime,
|
|
TEXTUAL-CONVENTION
|
|
FROM SNMPv2-TC
|
|
MODULE-IDENTITY,
|
|
OBJECT-TYPE,
|
|
NOTIFICATION-TYPE,
|
|
Integer32,
|
|
Unsigned32,
|
|
TimeTicks
|
|
FROM SNMPv2-SMI
|
|
hpnicfDot11,
|
|
HpnicfDot11SSIDStringType,
|
|
HpnicfDot11ChannelScopeType,
|
|
HpnicfDot11RadioScopeType,
|
|
HpnicfDot11ObjectIDType,
|
|
HpnicfDot11RadioType
|
|
FROM HPN-ICF-DOT11-REF-MIB;
|
|
|
|
hpnicfDot11WIDS MODULE-IDENTITY
|
|
LAST-UPDATED "201005311800Z" -- May 31, 2010 at 18:00 GMT
|
|
ORGANIZATION
|
|
""
|
|
CONTACT-INFO
|
|
""
|
|
DESCRIPTION
|
|
"This MIB provides information about WIDS feature.
|
|
|
|
GLOSSARY
|
|
|
|
Wireless Intrusion Detection Sensor (WIDS)
|
|
WIDS is designed to be employed in an area that is serviced
|
|
by an existing wireless network.
|
|
It aids in the early detection of malicious outsider attacks
|
|
and intrusions via wireless networks.
|
|
|
|
Rogue AP
|
|
A rogue access point is any Wi-Fi access point connected to
|
|
the network without authorization.
|
|
As it is not authorized, if there is any weakness in
|
|
the AP, the hacker will have chance to compromise the
|
|
network.
|
|
|
|
Rogue Station
|
|
It is similiar to Rogue AP, while it is a station.
|
|
|
|
Monitor AP
|
|
An AP will scan or listen to the air, and try to detect
|
|
wireless attack in the network.
|
|
Some AP products will work only in monitor role, while some
|
|
AP products could switch between normal AP role (only
|
|
provide wireless access service)and monitor AP role.
|
|
|
|
Ad Hoc Mode
|
|
Station could work under Ad hoc mode, then they
|
|
could directly do peer-to-peer communication without
|
|
other device support."
|
|
|
|
REVISION "201005311800Z" -- May 31, 2010 at 18:00 GMT
|
|
DESCRIPTION
|
|
"Modified to add new nodes."
|
|
REVISION "200907291800Z" -- Jul 29, 2009 at 18:00 GMT
|
|
DESCRIPTION
|
|
"Modified to add new nodes."
|
|
REVISION "200905072000Z" -- May 7, 2009 at 20:00 GMT
|
|
DESCRIPTION
|
|
"Add new nodes and table to support new featrues of WIDS."
|
|
REVISION "200807251900Z" -- July 23, 2008 at 19:00 GMT
|
|
DESCRIPTION
|
|
"Add new nodes to support new featrues of WIDS."
|
|
REVISION "200706191900Z" -- June 19, 2007 at 19:00 GMT
|
|
DESCRIPTION
|
|
"To fix bugs in the MIB file."
|
|
REVISION "200705161900Z" -- May 16, 2007 at 19:00 GMT
|
|
DESCRIPTION
|
|
"To fix bugs in the MIB file."
|
|
REVISION "200608201900Z" -- August 20, 2006 at 19:00 GMT
|
|
DESCRIPTION
|
|
"The initial revision of this MIB module."
|
|
::= { hpnicfDot11 5 }
|
|
|
|
-- ==================================================================
|
|
-- Textual Conventions
|
|
-- ==================================================================
|
|
|
|
HpnicfDot11WIDSDevType ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of device detected."
|
|
SYNTAX INTEGER
|
|
{
|
|
client(1),
|
|
ap(2),
|
|
adhoc(3),
|
|
wirelessBridge(4),
|
|
unknown(5)
|
|
}
|
|
|
|
HpnicfDot11WIDSDevPermitType ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether the detected device is permitted or a rogue."
|
|
SYNTAX INTEGER
|
|
{
|
|
permit(1),
|
|
rogue(2)
|
|
}
|
|
|
|
HpnicfDot11WIDSAtkType ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of attack.
|
|
This object has following defined values:
|
|
'act': Action Frame
|
|
'asr': Association Request
|
|
'aur': Authentication Request
|
|
'daf': Deauthentication Frame
|
|
'dar': Disassociation Request
|
|
'ndf': Null Data Frame
|
|
'pbr': Probe Request
|
|
'rar': Reassociation Request
|
|
'saf': Spoofed Disassociation Frame
|
|
'sdf': Spoofed Deauthentication Frame
|
|
'wiv': Weak IV Detected"
|
|
SYNTAX INTEGER
|
|
{
|
|
act(1),
|
|
asr(2),
|
|
aur(3),
|
|
daf(4),
|
|
dar(5),
|
|
ndf(6),
|
|
pbr(7),
|
|
rar(8),
|
|
saf(9),
|
|
sdf(10),
|
|
wiv(11),
|
|
unknown(12)
|
|
}
|
|
|
|
|
|
-- *****************************************************************************
|
|
-- * Major sections
|
|
-- *****************************************************************************
|
|
-- WIDS Configuration Group
|
|
-- DEFINED AS "The group to provide the configuration information
|
|
-- for WIDS."
|
|
hpnicfDot11WIDSConfigGroup OBJECT IDENTIFIER ::= { hpnicfDot11WIDS 1 }
|
|
-- The Configuration Group has the following children:
|
|
hpnicfDot11WIDSGlobalConfigGroup OBJECT IDENTIFIER
|
|
::= { hpnicfDot11WIDSConfigGroup 1 }
|
|
-- hpnicfDot11WIDSPermitVendorTable ::= { hpnicfDot11WIDSConfigGroup 2 }
|
|
-- hpnicfDot11WIDSPermitSSIDTable ::= { hpnicfDot11WIDSConfigGroup 3 }
|
|
-- hpnicfDot11WIDSIgnoreListTable ::= { hpnicfDot11WIDSConfigGroup 4 }
|
|
-- hpnicfDot11WIDSAttackListTable ::= { hpnicfDot11WIDSConfigGroup 5 }
|
|
|
|
-- WIDS detection Group
|
|
-- DEFINED AS "The group to provide the detection information
|
|
-- for WIDS."
|
|
hpnicfDot11WIDSDetectGroup OBJECT IDENTIFIER ::= { hpnicfDot11WIDS 2 }
|
|
-- The detection Group has the following children:
|
|
-- hpnicfDot11WIDSRogueAPTable ::= { hpnicfDot11WIDSDetectGroup 1 }
|
|
-- hpnicfDot11WIDSRogueAPExtTable ::= { hpnicfDot11WIDSDetectGroup 2 }
|
|
-- hpnicfDot11WIDSRogueStaTable ::= { hpnicfDot11WIDSDetectGroup 3 }
|
|
-- hpnicfDot11WIDSRogueStaExtTable ::= { hpnicfDot11WIDSDetectGroup 4 }
|
|
|
|
-- WIDS Notification
|
|
-- DEFINED AS "The notification for WIDS feature."
|
|
hpnicfDot11WIDSNotifyGroup OBJECT IDENTIFIER ::= { hpnicfDot11WIDS 3 }
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSGlobalConfigGroup Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSScanMode OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
all(1),
|
|
auto(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the scope of channels to be scanned.
|
|
The following value are supported
|
|
all(1) - Do scan on all the channels.
|
|
auto(2) - Do scan for the channels that automatically
|
|
selected by WIDS."
|
|
DEFVAL { auto }
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 1 }
|
|
|
|
hpnicfDot11WIDSScanChannelList OBJECT-TYPE
|
|
SYNTAX OCTET STRING(SIZE(0..128))
|
|
MAX-ACCESS read-write
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"Represents the channel scope to be scanned when
|
|
hpnicfDot11WIDSScanMode is configurated as channelSpec mode.
|
|
Each channel value will be separated by comma character."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 2 }
|
|
|
|
hpnicfDot11CntMsrMode OBJECT-TYPE
|
|
SYNTAX BITS
|
|
{
|
|
rogue(0),
|
|
adhoc(1),
|
|
config(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the countermeasures mode."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 3 }
|
|
|
|
hpnicfDot11DevAgingTime OBJECT-TYPE
|
|
SYNTAX Integer32(300..1800)
|
|
UNITS "second"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the age time for entries in the detected device table.
|
|
If an entry is not detected within the interval, it is deleted from
|
|
the detected device table. If the deleted entry is that of a rogue, it
|
|
is added into the rogue history table."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 4 }
|
|
|
|
hpnicfDot11DynBlkListEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether the dynamic blacklist feature is enabled or not.
|
|
'true' : Enable the dynamic blacklist feature to filter out unwanted
|
|
clients, which will not get associated.
|
|
'false' : Disable the dynamic blacklist feature."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 5 }
|
|
|
|
hpnicfDot11DynBlkListLifeTime OBJECT-TYPE
|
|
SYNTAX Integer32(60..3600)
|
|
UNITS "second"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the lifetime for dynamic blacklist entries.
|
|
If a dynamic blacklist entry is not detected within the lifetime, the
|
|
entry will be removed from the dynamic blacklist.
|
|
The lifetime becomes active only if dynamic blacklist feature is
|
|
enabled."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 6 }
|
|
|
|
hpnicfDot11FloodAtkDctEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether detection of flood attack is enabled or not.
|
|
'true' : Enable the detection of flood attack.
|
|
'false' : Disable the detection of flood attack."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 7 }
|
|
|
|
hpnicfDot11SpoofAtkDctEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether detection of Spoof attack is enabled or not.
|
|
'true' : Enable the detection of Spoof attack.
|
|
'false' : Disable the detection of Spoof attack."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 8 }
|
|
|
|
hpnicfDot11WeakIVAtkDctEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether detection of weak-iv attack is enabled or not.
|
|
'true' : Enable the detection of weak-iv attack.
|
|
'false' : Disable the detection of weak-iv attack."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 9 }
|
|
|
|
hpnicfDot11ResetWIDSRogueHistory OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to clear all entries from the rogue history table.
|
|
It will return false for get operation."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 10 }
|
|
|
|
hpnicfDot11ResetWIDSHistroy OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to clear the history information of attacks
|
|
detected in the WLAN system.
|
|
It will return false for get operation."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 11 }
|
|
|
|
hpnicfDot11ResetWIDSStatistics OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to clear the statistics of attacks detected in the
|
|
WLAN system.
|
|
It will return false for get operation."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 12 }
|
|
|
|
hpnicfDot11ResetAllDynBlkList OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to remove all entries from the dynamic blacklist.
|
|
It will return false for get operation."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 13 }
|
|
|
|
hpnicfDot11ResetAllStcBlkList OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to remove all entries from the static blacklist.
|
|
It will return false for get operation."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 14 }
|
|
|
|
hpnicfDot11ResetAllWhtBlkList OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to remove all entries from the static whitelist.
|
|
It will return false for get operation."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 15 }
|
|
|
|
hpnicfDot11ResetAllDctRogueAP OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to clear the information of all detected rogue APs.
|
|
It will return false for get operation."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 16 }
|
|
|
|
hpnicfDot11ResetAllDctRogueSta OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to clear the information of all detected rogue
|
|
clients.
|
|
It will return false for get operation."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 17 }
|
|
|
|
hpnicfDot11ResetAllDctAdhoc OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to clear the information of all detected ad hoc
|
|
devices.
|
|
It will return false for get operation."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 18 }
|
|
|
|
hpnicfDot11ResetAllDctDevice OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to clear the information of all detected devices.
|
|
It will return false for get operation."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 19 }
|
|
|
|
hpnicfDot11ResetAllDctSSID OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to clear the information of all detected SSIDs.
|
|
It will return false for get operation."
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 20 }
|
|
|
|
hpnicfDot11WidsFloodInterval OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
UNITS "second"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interval of WIDS flood detection."
|
|
DEFVAL { 1 }
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 21 }
|
|
|
|
hpnicfDot11WidsBlackListThreshold OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When flood attack exceeds the value of this node,
|
|
the MAC address will be added into black list."
|
|
DEFVAL { 100 }
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 22 }
|
|
|
|
hpnicfDot11SSIDFilterOnOff OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
on(1),
|
|
off(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether the SSID permit feature is enabled or not."
|
|
DEFVAL { on }
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 23 }
|
|
|
|
hpnicfDot11BSSIDFilterOnOff OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
on(1),
|
|
off(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether the BSSID permit feature is enabled or not."
|
|
DEFVAL { on }
|
|
::= { hpnicfDot11WIDSGlobalConfigGroup 24 }
|
|
|
|
-- **********************************************************************
|
|
-- * End of hpnicfDot11WIDSGlobalConfigGroup Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSPermitVendorTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSPermitVendorTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11WIDSPermitVendorEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table provides the permitted vendor list, and each vendor
|
|
will be identified by OUI.
|
|
The legal device should be made by the permitted vendors."
|
|
::= { hpnicfDot11WIDSConfigGroup 2 }
|
|
|
|
hpnicfDot11WIDSPermitVendorEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSPermitVendorEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry provides the information of permitted vendor."
|
|
INDEX
|
|
{
|
|
hpnicfDot11VendorOUI
|
|
}
|
|
::= { hpnicfDot11WIDSPermitVendorTable 1 }
|
|
|
|
HpnicfDot11WIDSPermitVendorEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11VendorOUI OCTET STRING,
|
|
hpnicfDot11PermitVendorRowStatus RowStatus,
|
|
hpnicfDot11VendorName OCTET STRING
|
|
}
|
|
|
|
hpnicfDot11VendorOUI OBJECT-TYPE
|
|
SYNTAX OCTET STRING(SIZE(3))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the vendor OUI information of the wireless device."
|
|
::= { hpnicfDot11WIDSPermitVendorEntry 1 }
|
|
|
|
hpnicfDot11PermitVendorRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this table entry."
|
|
::= { hpnicfDot11WIDSPermitVendorEntry 2 }
|
|
|
|
hpnicfDot11VendorName OBJECT-TYPE
|
|
SYNTAX OCTET STRING(SIZE(0..127))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the vendor name of the wireless device."
|
|
::= { hpnicfDot11WIDSPermitVendorEntry 3 }
|
|
-- *****************************************************************************
|
|
-- * End of hpnicfDot11WIDSPermitVendorTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSPermitSSIDTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSPermitSSIDTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11WIDSPermitSSIDEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table represents the list of SSID could be permitted in
|
|
the wireless network."
|
|
::= { hpnicfDot11WIDSConfigGroup 3 }
|
|
|
|
hpnicfDot11WIDSPermitSSIDEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSPermitSSIDEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry provides the information of permitted SSID."
|
|
INDEX
|
|
{
|
|
hpnicfDot11PermitSSID
|
|
}
|
|
::= { hpnicfDot11WIDSPermitSSIDTable 1 }
|
|
|
|
HpnicfDot11WIDSPermitSSIDEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11PermitSSID HpnicfDot11SSIDStringType,
|
|
hpnicfDot11PermitSSIDRowStatus RowStatus,
|
|
hpnicfDot11PermitSSIDDetected TruthValue
|
|
}
|
|
|
|
hpnicfDot11PermitSSID OBJECT-TYPE
|
|
SYNTAX HpnicfDot11SSIDStringType(SIZE(0..127))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the permitted SSID in the wireless network."
|
|
::= { hpnicfDot11WIDSPermitSSIDEntry 1 }
|
|
|
|
hpnicfDot11PermitSSIDRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this table entry."
|
|
::= { hpnicfDot11WIDSPermitSSIDEntry 2 }
|
|
|
|
hpnicfDot11PermitSSIDDetected OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether the permitted SSID is detected or not."
|
|
::= { hpnicfDot11WIDSPermitSSIDEntry 3 }
|
|
-- *****************************************************************************
|
|
-- * End of hpnicfDot11WIDSPermitSSIDTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSIgnoreListTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSIgnoreListTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11WIDSIgnoreListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table provides the MAC address list of stations or APs,
|
|
and WIDS always take them as legal stations or APs."
|
|
::= { hpnicfDot11WIDSConfigGroup 4 }
|
|
|
|
hpnicfDot11WIDSIgnoreListEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSIgnoreListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains the MAC address of station or AP,
|
|
and WIDS always take it as legal station or AP."
|
|
INDEX
|
|
{
|
|
hpnicfDot11IgnoreMAC
|
|
}
|
|
::= { hpnicfDot11WIDSIgnoreListTable 1 }
|
|
|
|
HpnicfDot11WIDSIgnoreListEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11IgnoreMAC MacAddress,
|
|
hpnicfDot11IgnoreListRowStatus RowStatus,
|
|
hpnicfDot11IgnoreMACDetected TruthValue,
|
|
hpnicfDot11IgnoreDevType HpnicfDot11WIDSDevType
|
|
}
|
|
|
|
hpnicfDot11IgnoreMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the MAC address of station or AP, and WIDS always
|
|
take it as legal station or AP."
|
|
::= { hpnicfDot11WIDSIgnoreListEntry 1 }
|
|
|
|
hpnicfDot11IgnoreListRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this table entry."
|
|
::= { hpnicfDot11WIDSIgnoreListEntry 2 }
|
|
|
|
hpnicfDot11IgnoreMACDetected OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether the MAC address detected or not."
|
|
::= { hpnicfDot11WIDSIgnoreListEntry 3 }
|
|
|
|
hpnicfDot11IgnoreDevType OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSDevType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the type of the MAC address detected.
|
|
The value of this object always is unknown if the MAC address is not
|
|
detected."
|
|
::= { hpnicfDot11WIDSIgnoreListEntry 4 }
|
|
-- *****************************************************************************
|
|
-- * End of hpnicfDot11WIDSIgnoreListTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSAttackListTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSAttackListTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11WIDSAttackListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table provides the MAC address list of rogue APs or rogue
|
|
stations, the WIDS will take countermeasure as per the MAC
|
|
address list."
|
|
::= { hpnicfDot11WIDSConfigGroup 5 }
|
|
|
|
hpnicfDot11WIDSAttackListEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSAttackListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains the MAC address of rogue AP or rogue station,
|
|
and the countermeasure will be taken for it."
|
|
INDEX
|
|
{
|
|
hpnicfDot11AttackDeviceMac
|
|
}
|
|
::= { hpnicfDot11WIDSAttackListTable 1 }
|
|
|
|
HpnicfDot11WIDSAttackListEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11AttackDeviceMac MacAddress,
|
|
hpnicfDot11AttackListRowStatus RowStatus,
|
|
hpnicfDot11AttackDevDetected TruthValue,
|
|
hpnicfDot11AttackDevType HpnicfDot11WIDSDevType
|
|
}
|
|
|
|
hpnicfDot11AttackDeviceMac OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the MAC address of rogue AP or rogue station,
|
|
and the countermeasure will be taken for it."
|
|
::= { hpnicfDot11WIDSAttackListEntry 1 }
|
|
|
|
hpnicfDot11AttackListRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this table entry."
|
|
::= { hpnicfDot11WIDSAttackListEntry 2 }
|
|
|
|
hpnicfDot11AttackDevDetected OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether the assigned MAC address in attack list is detected
|
|
or not."
|
|
::= { hpnicfDot11WIDSAttackListEntry 3 }
|
|
|
|
hpnicfDot11AttackDevType OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSDevType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the type of detected MAC address in attack list. If the
|
|
MAC address is not detected, it will return unknown(5) for get
|
|
operation."
|
|
::= { hpnicfDot11WIDSAttackListEntry 4 }
|
|
-- *****************************************************************************
|
|
-- * End of hpnicfDot11WIDSAttackListTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11StaticWhiteListTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11StaticWhiteListTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11StaticWhiteListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table provides the information of whitelist."
|
|
::= { hpnicfDot11WIDSConfigGroup 6 }
|
|
|
|
hpnicfDot11StaticWhiteListEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11StaticWhiteListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains the information of whitelist."
|
|
INDEX
|
|
{
|
|
hpnicfDot11StaticWhiteListMAC
|
|
}
|
|
::= { hpnicfDot11StaticWhiteListTable 1 }
|
|
|
|
HpnicfDot11StaticWhiteListEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11StaticWhiteListMAC MacAddress,
|
|
hpnicfDot11StaticWhiteListRowStatus RowStatus
|
|
}
|
|
|
|
hpnicfDot11StaticWhiteListMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the MAC addresses in whitelist."
|
|
::= { hpnicfDot11StaticWhiteListEntry 1 }
|
|
|
|
hpnicfDot11StaticWhiteListRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this table entry."
|
|
::= { hpnicfDot11StaticWhiteListEntry 2 }
|
|
-- *****************************************************************************
|
|
-- * End of hpnicfDot11StaticWhiteListTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11StaticBlackListTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11StaticBlackListTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11StaticBlackListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table provides the information of static blacklist."
|
|
::= { hpnicfDot11WIDSConfigGroup 7 }
|
|
|
|
hpnicfDot11StaticBlackListEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11StaticBlackListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains the information of static blacklist."
|
|
INDEX
|
|
{
|
|
hpnicfDot11StaticBlackListMAC
|
|
}
|
|
::= { hpnicfDot11StaticBlackListTable 1 }
|
|
|
|
HpnicfDot11StaticBlackListEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11StaticBlackListMAC MacAddress,
|
|
hpnicfDot11StaticBlackListRowStatus RowStatus
|
|
}
|
|
|
|
hpnicfDot11StaticBlackListMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the MAC addresses in static blacklist."
|
|
::= { hpnicfDot11StaticBlackListEntry 1 }
|
|
|
|
hpnicfDot11StaticBlackListRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this table entry."
|
|
::= { hpnicfDot11StaticBlackListEntry 2 }
|
|
-- *****************************************************************************
|
|
-- * End of hpnicfDot11StaticBlackListTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSPermitBSSIDTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSPermitBSSIDTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11WIDSPermitBSSIDEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table represents the list of BSSID could be permitted in
|
|
the wireless network."
|
|
::= { hpnicfDot11WIDSConfigGroup 8 }
|
|
|
|
hpnicfDot11WIDSPermitBSSIDEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSPermitBSSIDEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry provides the information of permitted BSSID."
|
|
INDEX
|
|
{
|
|
hpnicfDot11PermitBSSID
|
|
}
|
|
::= { hpnicfDot11WIDSPermitBSSIDTable 1 }
|
|
|
|
HpnicfDot11WIDSPermitBSSIDEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11PermitBSSID MacAddress,
|
|
hpnicfDot11PermitBSSIDDetected TruthValue,
|
|
hpnicfDot11PermitBSSIDRowStatus RowStatus
|
|
}
|
|
|
|
hpnicfDot11PermitBSSID OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the permitted BSSID in the wireless network."
|
|
::= { hpnicfDot11WIDSPermitBSSIDEntry 1 }
|
|
|
|
hpnicfDot11PermitBSSIDDetected OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether the permitted BSSID is detected or not."
|
|
::= { hpnicfDot11WIDSPermitBSSIDEntry 2 }
|
|
|
|
hpnicfDot11PermitBSSIDRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the row status of permit BSSID table."
|
|
::= { hpnicfDot11WIDSPermitBSSIDEntry 3 }
|
|
-- *****************************************************************************
|
|
-- * End of hpnicfDot11StaticBlackListTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSRogueAPTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSRogueAPTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11WIDSRogueAPEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table represents the list of possible BSS information for
|
|
rogue APs detected by the WIDS."
|
|
::= { hpnicfDot11WIDSDetectGroup 1 }
|
|
|
|
hpnicfDot11WIDSRogueAPEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSRogueAPEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains possible BSS information of each rogue AP
|
|
detected by WIDS."
|
|
INDEX
|
|
{
|
|
hpnicfDot11RogueAPBSSMAC
|
|
}
|
|
::= { hpnicfDot11WIDSRogueAPTable 1 }
|
|
|
|
HpnicfDot11WIDSRogueAPEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11RogueAPBSSMAC MacAddress,
|
|
hpnicfDot11RogueAPVendorName OCTET STRING,
|
|
hpnicfDot11RogueAPMonitorNum Integer32,
|
|
hpnicfDot11RogueAPFirstDetectTm TimeTicks,
|
|
hpnicfDot11RogueAPLastDetectTm TimeTicks,
|
|
hpnicfDot11RogueAPSSID HpnicfDot11SSIDStringType,
|
|
hpnicfDot11RogueAPMaxSigStrength Integer32,
|
|
hpnicfDot11RogueAPChannel HpnicfDot11ChannelScopeType,
|
|
hpnicfDot11RogueAPBeaconInterval Integer32,
|
|
hpnicfDot11RogueAPAttackedStatus TruthValue,
|
|
hpnicfDot11RogueAPToIgnore TruthValue,
|
|
hpnicfDot11RogueAPEncryptStatus TruthValue,
|
|
hpnicfDot11RogueAPReset TruthValue,
|
|
hpnicfDot11RogueAPFirstDetectTmStr OCTET STRING,
|
|
hpnicfDot11RogueAPLastDetectTmStr OCTET STRING
|
|
}
|
|
|
|
hpnicfDot11RogueAPBSSMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the BSS MAC address of rogue AP."
|
|
::= { hpnicfDot11WIDSRogueAPEntry 1 }
|
|
|
|
hpnicfDot11RogueAPVendorName OBJECT-TYPE
|
|
SYNTAX OCTET STRING(SIZE(0..127))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the vendor name of rogue AP."
|
|
::= { hpnicfDot11WIDSRogueAPEntry 2 }
|
|
|
|
hpnicfDot11RogueAPMonitorNum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the number of monitor APs which detected the
|
|
rogue AP."
|
|
::= { hpnicfDot11WIDSRogueAPEntry 3 }
|
|
|
|
hpnicfDot11RogueAPFirstDetectTm OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time that AP was detected as a rogue AP for
|
|
the first time."
|
|
::= { hpnicfDot11WIDSRogueAPEntry 4 }
|
|
|
|
hpnicfDot11RogueAPLastDetectTm OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time that AP was detected as a rogue AP for
|
|
the last time."
|
|
::= { hpnicfDot11WIDSRogueAPEntry 5 }
|
|
|
|
hpnicfDot11RogueAPSSID OBJECT-TYPE
|
|
SYNTAX HpnicfDot11SSIDStringType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the SSID broadcasted by rogue AP."
|
|
::= { hpnicfDot11WIDSRogueAPEntry 6 }
|
|
|
|
hpnicfDot11RogueAPMaxSigStrength OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
UNITS "dBm"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the maximal value of signal strength that WIDS received
|
|
from the rogue AP."
|
|
::= { hpnicfDot11WIDSRogueAPEntry 7 }
|
|
|
|
hpnicfDot11RogueAPChannel OBJECT-TYPE
|
|
SYNTAX HpnicfDot11ChannelScopeType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents on which radio channel of the rogue AP the maximal signal
|
|
strength was received."
|
|
::= { hpnicfDot11WIDSRogueAPEntry 8 }
|
|
|
|
hpnicfDot11RogueAPBeaconInterval OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
UNITS "millisecond"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the interval for Beacon management frame of rogue AP."
|
|
::= { hpnicfDot11WIDSRogueAPEntry 9 }
|
|
|
|
hpnicfDot11RogueAPAttackedStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether the countermeasure have taken for the rogue AP."
|
|
::= { hpnicfDot11WIDSRogueAPEntry 10 }
|
|
|
|
hpnicfDot11RogueAPToIgnore OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether the rogue AP will be taken as a rogue AP.
|
|
If the value is true, NMS should not display the rogue AP
|
|
as NMS display rogue AP list, and the MAC address will be
|
|
automatically added into hpnicfDot11WIDSIgnoreListTable.
|
|
If the value is false, NMS will take it as a rogue AP. "
|
|
DEFVAL { false }
|
|
::= { hpnicfDot11WIDSRogueAPEntry 11 }
|
|
|
|
hpnicfDot11RogueAPEncryptStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether the rogue AP encrypt the frame or not."
|
|
::= { hpnicfDot11WIDSRogueAPEntry 12 }
|
|
|
|
hpnicfDot11RogueAPReset OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to clear information of assigned AP. The
|
|
information of AP which detect assigned rogue AP will be cleared
|
|
together.
|
|
It will return false for get operation."
|
|
::= { hpnicfDot11WIDSRogueAPEntry 13 }
|
|
|
|
hpnicfDot11RogueAPFirstDetectTmStr OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time that AP was detected as a rogue AP for
|
|
the first time."
|
|
::= { hpnicfDot11WIDSRogueAPEntry 14 }
|
|
|
|
hpnicfDot11RogueAPLastDetectTmStr OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time that AP was detected as a rogue AP for
|
|
the last time."
|
|
::= { hpnicfDot11WIDSRogueAPEntry 15 }
|
|
-- *****************************************************************************
|
|
-- * end of hpnicfDot11WIDSRogueAPTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSRogueAPExtTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSRogueAPExtTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11WIDSRogueAPExtEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"As each rogue AP could be detected by multiple monitor APs, each
|
|
monitor AP could have some kind of detailed information about
|
|
a specific rogue AP.
|
|
In the hpnicfDot11WIDSRogueAPTable table, the detailed
|
|
information for a specific rogue AP will be summarized from
|
|
information in the hpnicfDot11WIDSRogueAPExtTable table.
|
|
For example, multiple monitor APs could receive RF signal of
|
|
one rogue AP, and each monitor AP has its maximum signal strength by
|
|
itself. The information will be kept as
|
|
hpnicfDot11DetectMaxAPSigStrength in the hpnicfDot11WIDSRogueAPExtTable
|
|
table. While only the maximum value among all the
|
|
hpnicfDot11DetectMaxAPSigStrength for each monitor AP will be
|
|
kept in the hpnicfDot11WIDSRogueAPTable as
|
|
hpnicfDot11RogueAPMaxSigStrength."
|
|
::= { hpnicfDot11WIDSDetectGroup 2 }
|
|
|
|
hpnicfDot11WIDSRogueAPExtEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSRogueAPExtEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains information of the rogue AP detected
|
|
by each monitor AP."
|
|
INDEX
|
|
{
|
|
hpnicfDot11RogueAPBSSMAC,
|
|
hpnicfDot11WIDSAPID
|
|
}
|
|
::= { hpnicfDot11WIDSRogueAPExtTable 1 }
|
|
|
|
HpnicfDot11WIDSRogueAPExtEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11WIDSAPID HpnicfDot11ObjectIDType,
|
|
hpnicfDot11DetectCurAPSigStrength Integer32,
|
|
hpnicfDot11DetectAPByChannel HpnicfDot11ChannelScopeType,
|
|
hpnicfDot11DetectAPByRadioID HpnicfDot11RadioScopeType,
|
|
hpnicfDot11AttackAPStatus TruthValue,
|
|
hpnicfDot11DetectAPFirstTm TimeTicks,
|
|
hpnicfDot11DetectAPLastTm TimeTicks
|
|
}
|
|
|
|
hpnicfDot11WIDSAPID OBJECT-TYPE
|
|
SYNTAX HpnicfDot11ObjectIDType
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"To uniquely identify each AP, and relation-ship between
|
|
hpnicfDot11WIDSAPID and AP device will be static."
|
|
::= { hpnicfDot11WIDSRogueAPExtEntry 1 }
|
|
|
|
hpnicfDot11DetectCurAPSigStrength OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
UNITS "dBm"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the current value of signal strength that WIDS monitor
|
|
AP received from the rogue AP."
|
|
::= { hpnicfDot11WIDSRogueAPExtEntry 2 }
|
|
|
|
hpnicfDot11DetectAPByChannel OBJECT-TYPE
|
|
SYNTAX HpnicfDot11ChannelScopeType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents on which radio channel that WIDS monitor AP detected
|
|
the rogue AP."
|
|
::= { hpnicfDot11WIDSRogueAPExtEntry 3 }
|
|
|
|
hpnicfDot11DetectAPByRadioID OBJECT-TYPE
|
|
SYNTAX HpnicfDot11RadioScopeType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents on which radio the monitor AP has detected the rogue
|
|
AP."
|
|
::= { hpnicfDot11WIDSRogueAPExtEntry 4 }
|
|
|
|
hpnicfDot11AttackAPStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether monitor AP have taken countermeasure on the
|
|
rogue AP."
|
|
::= { hpnicfDot11WIDSRogueAPExtEntry 5 }
|
|
|
|
hpnicfDot11DetectAPFirstTm OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time that monitor AP detected the rogue AP for
|
|
the first time."
|
|
::= { hpnicfDot11WIDSRogueAPExtEntry 6 }
|
|
|
|
hpnicfDot11DetectAPLastTm OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time that monitor AP detected the rogue AP for
|
|
the last time."
|
|
::= { hpnicfDot11WIDSRogueAPExtEntry 7 }
|
|
-- *****************************************************************************
|
|
-- * end of hpnicfDot11WIDSRogueAPExtTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSRogueStaTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSRogueStaTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11WIDSRogueStaEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table represents the list of rogue stations detected by
|
|
the WIDS."
|
|
::= { hpnicfDot11WIDSDetectGroup 3 }
|
|
|
|
hpnicfDot11WIDSRogueStaEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSRogueStaEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains information of each rogue station."
|
|
INDEX
|
|
{
|
|
hpnicfDot11RogueStaMAC
|
|
}
|
|
::= { hpnicfDot11WIDSRogueStaTable 1 }
|
|
|
|
HpnicfDot11WIDSRogueStaEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11RogueStaMAC MacAddress,
|
|
hpnicfDot11RogueStaVendorName OCTET STRING,
|
|
hpnicfDot11RogueStaMonitorNum Integer32,
|
|
hpnicfDot11RogueStaFirstDetectTm TimeTicks,
|
|
hpnicfDot11RogueStaLastDetectTm TimeTicks,
|
|
hpnicfDot11RogueStaAccessBSSID MacAddress,
|
|
hpnicfDot11RogueStaMaxSigStrength Integer32,
|
|
hpnicfDot11RogueStaChannel HpnicfDot11ChannelScopeType,
|
|
hpnicfDot11RogueStaAttackedStatus TruthValue,
|
|
hpnicfDot11RogueStaToIgnore TruthValue,
|
|
hpnicfDot11RogueStaAdHocStatus TruthValue,
|
|
hpnicfDot11RogueStaReset TruthValue,
|
|
hpnicfDot11RogueStaFirstDetectTmStr OCTET STRING,
|
|
hpnicfDot11RogueStaLastDetectTmStr OCTET STRING
|
|
}
|
|
|
|
hpnicfDot11RogueStaMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the MAC address of rogue station."
|
|
::= { hpnicfDot11WIDSRogueStaEntry 1 }
|
|
|
|
hpnicfDot11RogueStaVendorName OBJECT-TYPE
|
|
SYNTAX OCTET STRING(SIZE(0..127))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the vendor name of rogue station."
|
|
::= { hpnicfDot11WIDSRogueStaEntry 2 }
|
|
|
|
hpnicfDot11RogueStaMonitorNum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the number of monitor APs which detected the
|
|
rogue station."
|
|
::= { hpnicfDot11WIDSRogueStaEntry 3 }
|
|
|
|
hpnicfDot11RogueStaFirstDetectTm OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time that station was detected as a rogue station for
|
|
the first time."
|
|
::= { hpnicfDot11WIDSRogueStaEntry 4 }
|
|
|
|
hpnicfDot11RogueStaLastDetectTm OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time that station was detected as a rogue station for
|
|
the last time."
|
|
::= { hpnicfDot11WIDSRogueStaEntry 5 }
|
|
|
|
hpnicfDot11RogueStaAccessBSSID OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents BSS MAC address that rogue station try to access."
|
|
::= { hpnicfDot11WIDSRogueStaEntry 6 }
|
|
|
|
hpnicfDot11RogueStaMaxSigStrength OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
UNITS "dBm"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the maximal value of signal strength that WIDS received
|
|
from the rogue station."
|
|
::= { hpnicfDot11WIDSRogueStaEntry 7 }
|
|
|
|
hpnicfDot11RogueStaChannel OBJECT-TYPE
|
|
SYNTAX HpnicfDot11ChannelScopeType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents on which radio channel the maximal signal strength
|
|
was received."
|
|
::= { hpnicfDot11WIDSRogueStaEntry 8 }
|
|
|
|
hpnicfDot11RogueStaAttackedStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether the countermeasure have taken for the rogue
|
|
station."
|
|
::= { hpnicfDot11WIDSRogueStaEntry 9 }
|
|
|
|
hpnicfDot11RogueStaToIgnore OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether the rogue AP will be taken as a rogue station.
|
|
If the value is true, NMS should not display the rogue station
|
|
as NMS display rogue station list, and the MAC address will be
|
|
automatically added into hpnicfDot11WIDSIgnoreListTable.
|
|
If the value is false, NMS will take it as a rogue station. "
|
|
DEFVAL { false }
|
|
::= { hpnicfDot11WIDSRogueStaEntry 10 }
|
|
|
|
hpnicfDot11RogueStaAdHocStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether the rogue station work on the Ad Hoc mode
|
|
or not."
|
|
::= { hpnicfDot11WIDSRogueStaEntry 11 }
|
|
|
|
hpnicfDot11RogueStaReset OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to clear information of assigned station. The
|
|
information of AP which detects assigned rogue station will be cleared
|
|
together.
|
|
It will return false for get operation."
|
|
::= { hpnicfDot11WIDSRogueStaEntry 12 }
|
|
|
|
hpnicfDot11RogueStaFirstDetectTmStr OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time that station was detected as a rogue station for
|
|
the first time."
|
|
::= { hpnicfDot11WIDSRogueStaEntry 13 }
|
|
|
|
hpnicfDot11RogueStaLastDetectTmStr OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time that station was detected as a rogue station for
|
|
the last time."
|
|
::= { hpnicfDot11WIDSRogueStaEntry 14 }
|
|
-- *****************************************************************************
|
|
-- * End of hpnicfDot11WIDSRogueStaTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSRogueStaExtTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSRogueStaExtTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11WIDSRogueStaExtEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"As each rogue station could be detected by multiple monitor APs, each
|
|
monitor AP could have some kind of detailed information about
|
|
a specific rogue station.
|
|
In the hpnicfDot11WIDSRogueStaTable table, the detailed
|
|
information for a specific rogue station will be summarized from
|
|
information in the hpnicfDot11WIDSRogueStaExtTable table.
|
|
For example, multiple monitor APs could receive RF signal of one rogue
|
|
station, and each monitor AP has its maximum signal strength by
|
|
itself. The information will be kept as
|
|
hpnicfDot11DetectMaxStaSigStrength in the hpnicfDot11WIDSRogueStaExtTable
|
|
table. While only the maximum value among all the
|
|
hpnicfDot11DetectMaxStaSigStrength for each monitor AP will be
|
|
kept in the hpnicfDot11WIDSRogueStaTable as
|
|
hpnicfDot11RogueStaMaxSigStrength."
|
|
::= { hpnicfDot11WIDSDetectGroup 4 }
|
|
|
|
hpnicfDot11WIDSRogueStaExtEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSRogueStaExtEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains information of rogue station detected
|
|
by each monitor AP."
|
|
INDEX
|
|
{
|
|
hpnicfDot11RogueStaMAC,
|
|
hpnicfDot11WIDSAPID
|
|
}
|
|
::= { hpnicfDot11WIDSRogueStaExtTable 1 }
|
|
|
|
HpnicfDot11WIDSRogueStaExtEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11DetectCurStaSigStrength Integer32,
|
|
hpnicfDot11DetectStaByChannel HpnicfDot11ChannelScopeType,
|
|
hpnicfDot11DetectStaByRadioID HpnicfDot11RadioScopeType,
|
|
hpnicfDot11AttackStaStatus TruthValue,
|
|
hpnicfDot11DetectStaFirstTm TimeTicks,
|
|
hpnicfDot11DetectStaLastTm TimeTicks
|
|
}
|
|
|
|
hpnicfDot11DetectCurStaSigStrength OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
UNITS "dBm"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the current value of signal strength that WIDS monitor
|
|
AP received from the rogue station."
|
|
::= { hpnicfDot11WIDSRogueStaExtEntry 1 }
|
|
|
|
hpnicfDot11DetectStaByChannel OBJECT-TYPE
|
|
SYNTAX HpnicfDot11ChannelScopeType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents on which radio channel the maximal signal strength
|
|
was received."
|
|
::= { hpnicfDot11WIDSRogueStaExtEntry 2 }
|
|
|
|
hpnicfDot11DetectStaByRadioID OBJECT-TYPE
|
|
SYNTAX HpnicfDot11RadioScopeType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents which radio on the monitor AP has detected the
|
|
rogue station."
|
|
::= { hpnicfDot11WIDSRogueStaExtEntry 3 }
|
|
|
|
hpnicfDot11AttackStaStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether monitor AP have taken countermeasure for the
|
|
rogue station."
|
|
::= { hpnicfDot11WIDSRogueStaExtEntry 4 }
|
|
|
|
hpnicfDot11DetectStaFirstTm OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time that monitor AP detected the rogue station
|
|
for the first time."
|
|
::= { hpnicfDot11WIDSRogueStaExtEntry 5 }
|
|
|
|
hpnicfDot11DetectStaLastTm OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time that monitor AP detected the rogue station
|
|
for the last time."
|
|
::= { hpnicfDot11WIDSRogueStaExtEntry 6 }
|
|
-- *****************************************************************************
|
|
-- * end of hpnicfDot11WIDSRogueStaExtTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSDetectedDevTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSDetectedDevTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11WIDSDetectedDevEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This Table contains information of detected devices."
|
|
::= { hpnicfDot11WIDSDetectGroup 5 }
|
|
|
|
hpnicfDot11WIDSDetectedDevEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSDetectedDevEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains information of detected devices."
|
|
INDEX
|
|
{
|
|
hpnicfDot11WIDSDevMAC
|
|
}
|
|
::= { hpnicfDot11WIDSDetectedDevTable 1 }
|
|
|
|
HpnicfDot11WIDSDetectedDevEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11WIDSDevMAC MacAddress,
|
|
hpnicfDot11WIDSDevType HpnicfDot11WIDSDevType,
|
|
hpnicfDot11WIDSDevPermitType HpnicfDot11WIDSDevPermitType,
|
|
hpnicfDot11WIDSDevVendor OCTET STRING,
|
|
hpnicfDot11WIDSDevMonitorNum Integer32,
|
|
hpnicfDot11WIDSDevSSID OCTET STRING,
|
|
hpnicfDot11WIDSDevBSSID MacAddress,
|
|
hpnicfDot11WIDSDevChannel HpnicfDot11ChannelScopeType,
|
|
hpnicfDot11WIDSDevMaxRSSI Integer32,
|
|
hpnicfDot11WIDSDevBeaconIntvl Integer32,
|
|
hpnicfDot11WIDSDevFstDctTime DateAndTime,
|
|
hpnicfDot11WIDSDevLstDctTime DateAndTime,
|
|
hpnicfDot11WIDSDevReset TruthValue,
|
|
hpnicfDot11WIDSDevSnr Integer32
|
|
}
|
|
|
|
hpnicfDot11WIDSDevMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents MAC address of the device detected."
|
|
::= { hpnicfDot11WIDSDetectedDevEntry 1 }
|
|
|
|
hpnicfDot11WIDSDevType OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSDevType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents type of the device detected."
|
|
::= { hpnicfDot11WIDSDetectedDevEntry 2 }
|
|
|
|
hpnicfDot11WIDSDevPermitType OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSDevPermitType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents whether the device detected is a rogue device or not."
|
|
::= { hpnicfDot11WIDSDetectedDevEntry 3 }
|
|
|
|
hpnicfDot11WIDSDevVendor OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents Vendor of the detected device."
|
|
::= { hpnicfDot11WIDSDetectedDevEntry 4 }
|
|
|
|
hpnicfDot11WIDSDevMonitorNum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the number of active APs that detect the device."
|
|
::= { hpnicfDot11WIDSDetectedDevEntry 5 }
|
|
|
|
hpnicfDot11WIDSDevSSID OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the service set identifier for the ESS of the device."
|
|
::= { hpnicfDot11WIDSDetectedDevEntry 6 }
|
|
|
|
hpnicfDot11WIDSDevBSSID OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the basic service set identifier of the detected device."
|
|
::= { hpnicfDot11WIDSDetectedDevEntry 7 }
|
|
|
|
hpnicfDot11WIDSDevChannel OBJECT-TYPE
|
|
SYNTAX HpnicfDot11ChannelScopeType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the channel in which the device was last detected."
|
|
::= { hpnicfDot11WIDSDetectedDevEntry 8 }
|
|
|
|
hpnicfDot11WIDSDevMaxRSSI OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
UNITS "dbm"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the maximum detected RSSI of the device."
|
|
::= { hpnicfDot11WIDSDetectedDevEntry 9 }
|
|
|
|
hpnicfDot11WIDSDevBeaconIntvl OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
UNITS "millionsecond"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the beacon interval for the detected AP."
|
|
::= { hpnicfDot11WIDSDetectedDevEntry 10 }
|
|
|
|
hpnicfDot11WIDSDevFstDctTime OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time at which the device was first detected."
|
|
::= { hpnicfDot11WIDSDetectedDevEntry 11 }
|
|
|
|
hpnicfDot11WIDSDevLstDctTime OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time at which the rogue AP was detected last time."
|
|
::= { hpnicfDot11WIDSDetectedDevEntry 12 }
|
|
|
|
hpnicfDot11WIDSDevReset OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to clears the information of the device detected
|
|
in the WLAN.
|
|
It will return false for get operation."
|
|
::= { hpnicfDot11WIDSDetectedDevEntry 13 }
|
|
|
|
hpnicfDot11WIDSDevSnr OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
UNITS "dB"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents SNR of the device detected."
|
|
::= { hpnicfDot11WIDSDetectedDevEntry 14 }
|
|
|
|
-- *****************************************************************************
|
|
-- * end of hpnicfDot11WIDSDetectedDevTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSRptAPTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSRptAPTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11WIDSRptAPEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This Table contains information of the AP which detected device in the
|
|
WLAN."
|
|
::= { hpnicfDot11WIDSDetectGroup 6 }
|
|
|
|
hpnicfDot11WIDSRptAPEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSRptAPEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains information of the AP which detected device in the
|
|
WLAN."
|
|
INDEX
|
|
{
|
|
hpnicfDot11WIDSDevMAC,
|
|
hpnicfDot11WIDSRptAPMAC
|
|
}
|
|
::= { hpnicfDot11WIDSRptAPTable 1 }
|
|
|
|
HpnicfDot11WIDSRptAPEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11WIDSRptAPMAC MacAddress,
|
|
hpnicfDot11WIDSRptAPName OCTET STRING,
|
|
hpnicfDot11WIDSRptAPRadioID HpnicfDot11RadioScopeType,
|
|
hpnicfDot11WIDSRptAPMaxRSSI Integer32,
|
|
hpnicfDot11WIDSRptAPFstDctTime DateAndTime,
|
|
hpnicfDot11WIDSRptAPLstDctTime DateAndTime
|
|
}
|
|
|
|
hpnicfDot11WIDSRptAPMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the MAC address of the AP that detected the device."
|
|
::= { hpnicfDot11WIDSRptAPEntry 1 }
|
|
|
|
hpnicfDot11WIDSRptAPName OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the name of the AP that detected the device."
|
|
::= { hpnicfDot11WIDSRptAPEntry 2 }
|
|
|
|
hpnicfDot11WIDSRptAPRadioID OBJECT-TYPE
|
|
SYNTAX HpnicfDot11RadioScopeType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the radio index of the AP that detected the device."
|
|
::= { hpnicfDot11WIDSRptAPEntry 3 }
|
|
|
|
hpnicfDot11WIDSRptAPMaxRSSI OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the maximum detected RSSI of the device."
|
|
::= { hpnicfDot11WIDSRptAPEntry 4 }
|
|
|
|
hpnicfDot11WIDSRptAPFstDctTime OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time at which the rogue AP was detected first time."
|
|
::= { hpnicfDot11WIDSRptAPEntry 5 }
|
|
|
|
hpnicfDot11WIDSRptAPLstDctTime OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time at which the rogue AP was detected last time."
|
|
::= { hpnicfDot11WIDSRptAPEntry 6 }
|
|
-- *****************************************************************************
|
|
-- * end of hpnicfDot11WIDSRptAPTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11DynBlackListTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11DynBlackListTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11DynBlackListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains information of dynamic blacklist entries."
|
|
::= { hpnicfDot11WIDSDetectGroup 7 }
|
|
|
|
hpnicfDot11DynBlackListEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11DynBlackListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains information of dynamic blacklist."
|
|
INDEX
|
|
{
|
|
hpnicfDot11DynBlackListMAC
|
|
}
|
|
::= { hpnicfDot11DynBlackListTable 1 }
|
|
|
|
HpnicfDot11DynBlackListEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11DynBlackListMAC MacAddress,
|
|
hpnicfDot11DynBlackListTime Unsigned32,
|
|
hpnicfDot11DynBlackListReason OCTET STRING,
|
|
hpnicfDot11DynBlackListReset TruthValue,
|
|
hpnicfDot11DynBlackListTimeTicks TimeTicks
|
|
}
|
|
|
|
hpnicfDot11DynBlackListMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the MAC address of the device inserted into the dynamic
|
|
blacklist."
|
|
::= { hpnicfDot11DynBlackListEntry 1 }
|
|
|
|
hpnicfDot11DynBlackListTime OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
UNITS "second"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time elapsed since the entry was last updated."
|
|
::= { hpnicfDot11DynBlackListEntry 2 }
|
|
|
|
hpnicfDot11DynBlackListReason OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the reason why the entry was added into the dynamic
|
|
blacklist."
|
|
::= { hpnicfDot11DynBlackListEntry 3 }
|
|
|
|
hpnicfDot11DynBlackListReset OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to remove designated entry from the dynamic
|
|
blacklist.
|
|
The value which read from this object always is false."
|
|
::= { hpnicfDot11DynBlackListEntry 4 }
|
|
|
|
hpnicfDot11DynBlackListTimeTicks OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time elapsed since the entry was last updated in units TimeTicks."
|
|
::= { hpnicfDot11DynBlackListEntry 5 }
|
|
|
|
-- *****************************************************************************
|
|
-- * end of hpnicfDot11DynBlackListTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSRogueHistoryTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSRogueHistoryTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11WIDSRogueHistoryEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains information of all expired rogue devices which
|
|
have been deleted from the list of detected rogue devices because
|
|
they could not be detected within the device aging duration."
|
|
::= { hpnicfDot11WIDSDetectGroup 8 }
|
|
|
|
hpnicfDot11WIDSRogueHistoryEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSRogueHistoryEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains information of an expired rogue device which
|
|
has been deleted from the list of detected rogue devices because
|
|
they could not be detected within the device aging duration."
|
|
INDEX
|
|
{
|
|
hpnicfDot11WIDSRogueHisIndex
|
|
}
|
|
::= { hpnicfDot11WIDSRogueHistoryTable 1 }
|
|
|
|
HpnicfDot11WIDSRogueHistoryEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11WIDSRogueHisIndex Integer32,
|
|
hpnicfDot11WIDSRogueHisMAC MacAddress,
|
|
hpnicfDot11WIDSRogueHisVendor OCTET STRING,
|
|
hpnicfDot11WIDSRogueHisType HpnicfDot11WIDSDevType,
|
|
hpnicfDot11WIDSRogueHisChl HpnicfDot11ChannelScopeType,
|
|
hpnicfDot11WIDSRogueHisSSID OCTET STRING,
|
|
hpnicfDot11WIDSRogueHisLastDctTime DateAndTime
|
|
}
|
|
|
|
hpnicfDot11WIDSRogueHisIndex OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents index of this entry."
|
|
::= { hpnicfDot11WIDSRogueHistoryEntry 1 }
|
|
|
|
hpnicfDot11WIDSRogueHisMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the MAC address of the device."
|
|
::= { hpnicfDot11WIDSRogueHistoryEntry 2 }
|
|
|
|
hpnicfDot11WIDSRogueHisVendor OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the vendor for the device."
|
|
::= { hpnicfDot11WIDSRogueHistoryEntry 3 }
|
|
|
|
hpnicfDot11WIDSRogueHisType OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSDevType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the type of the device."
|
|
::= { hpnicfDot11WIDSRogueHistoryEntry 4 }
|
|
|
|
hpnicfDot11WIDSRogueHisChl OBJECT-TYPE
|
|
SYNTAX HpnicfDot11ChannelScopeType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the channel in which the device was last detected."
|
|
::= { hpnicfDot11WIDSRogueHistoryEntry 5 }
|
|
|
|
hpnicfDot11WIDSRogueHisSSID OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the service set identifier for the ESS of the device."
|
|
::= { hpnicfDot11WIDSRogueHistoryEntry 6 }
|
|
|
|
hpnicfDot11WIDSRogueHisLastDctTime OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time at which the device was last detected."
|
|
::= { hpnicfDot11WIDSRogueHistoryEntry 7 }
|
|
-- *****************************************************************************
|
|
-- * end of hpnicfDot11WIDSRogueHistoryTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSAtkHistroyTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSAtkHistroyTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11WIDSAtkHistroyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains information of the history of attacks detected in
|
|
the WLAN system."
|
|
::= { hpnicfDot11WIDSDetectGroup 9 }
|
|
|
|
hpnicfDot11WIDSAtkHistroyEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSAtkHistroyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains information of the history of attacks detected in
|
|
the WLAN system."
|
|
INDEX
|
|
{
|
|
hpnicfDot11WIDSAtkHisIndex
|
|
}
|
|
::= { hpnicfDot11WIDSAtkHistroyTable 1 }
|
|
|
|
HpnicfDot11WIDSAtkHistroyEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11WIDSAtkHisIndex Integer32,
|
|
hpnicfDot11WIDSAtkHisMAC MacAddress,
|
|
hpnicfDot11WIDSAtkHisType HpnicfDot11WIDSAtkType,
|
|
hpnicfDot11WIDSAtkHisChl HpnicfDot11ChannelScopeType,
|
|
hpnicfDot11WIDSAtkHisRSSI Integer32,
|
|
hpnicfDot11WIDSAtkHisDctTime DateAndTime,
|
|
hpnicfDot11WIDSAtkHisAPName OCTET STRING
|
|
}
|
|
|
|
hpnicfDot11WIDSAtkHisIndex OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents index of this entry."
|
|
::= { hpnicfDot11WIDSAtkHistroyEntry 1 }
|
|
|
|
hpnicfDot11WIDSAtkHisMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the Mac address. In case of spoof attacks, this field
|
|
provides the BSSID which was spoofed. In case of other attacks,
|
|
this field provides the MAC address of the device which initiated
|
|
the attack."
|
|
::= { hpnicfDot11WIDSAtkHistroyEntry 2 }
|
|
|
|
hpnicfDot11WIDSAtkHisType OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSAtkType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the type of attack."
|
|
::= { hpnicfDot11WIDSAtkHistroyEntry 3 }
|
|
|
|
hpnicfDot11WIDSAtkHisChl OBJECT-TYPE
|
|
SYNTAX HpnicfDot11ChannelScopeType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the channel in which the attack was detected."
|
|
::= { hpnicfDot11WIDSAtkHistroyEntry 4 }
|
|
|
|
hpnicfDot11WIDSAtkHisRSSI OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the average RSSI of the designated attack."
|
|
::= { hpnicfDot11WIDSAtkHistroyEntry 5 }
|
|
|
|
hpnicfDot11WIDSAtkHisDctTime OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time at which this attack was detected."
|
|
::= { hpnicfDot11WIDSAtkHistroyEntry 6 }
|
|
|
|
hpnicfDot11WIDSAtkHisAPName OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the name of the AP which detected this attack."
|
|
::= { hpnicfDot11WIDSAtkHistroyEntry 7 }
|
|
-- *****************************************************************************
|
|
-- * end of hpnicfDot11WIDSAtkHistroyTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSAtkStatis Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSAtkStatis OBJECT IDENTIFIER ::= { hpnicfDot11WIDSDetectGroup 10 }
|
|
|
|
hpnicfDot11WIDSAtkStasStartTime OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents current attack tracking time. It is started at the system
|
|
startup and is refreshed each hour subsequently."
|
|
::= { hpnicfDot11WIDSAtkStatis 1 }
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11WIDSAtkStasTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11WIDSAtkStasTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11WIDSAtkStasEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains information of the counts of attacks detected."
|
|
::= { hpnicfDot11WIDSAtkStatis 2 }
|
|
|
|
hpnicfDot11WIDSAtkStasEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSAtkStasEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains information of the counts of attacks detected."
|
|
INDEX
|
|
{
|
|
hpnicfDot11WIDSAtkStasType
|
|
}
|
|
::= { hpnicfDot11WIDSAtkStasTable 1 }
|
|
|
|
HpnicfDot11WIDSAtkStasEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11WIDSAtkStasType HpnicfDot11WIDSAtkType,
|
|
hpnicfDot11WIDSAtkStasCurCnt Unsigned32,
|
|
hpnicfDot11WIDSAtkStasTotalCnt Unsigned32
|
|
}
|
|
|
|
hpnicfDot11WIDSAtkStasType OBJECT-TYPE
|
|
SYNTAX HpnicfDot11WIDSAtkType
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the type of attack."
|
|
::= { hpnicfDot11WIDSAtkStasEntry 1 }
|
|
|
|
hpnicfDot11WIDSAtkStasCurCnt OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the count of attacks detected since the time
|
|
specified by the current attack tracking time. The current
|
|
attack tracking time is started at the system startup and
|
|
is refreshed each hour subsequently."
|
|
::= { hpnicfDot11WIDSAtkStasEntry 2 }
|
|
|
|
hpnicfDot11WIDSAtkStasTotalCnt OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the total count of the attacks detected since
|
|
the system startup."
|
|
::= { hpnicfDot11WIDSAtkStasEntry 3 }
|
|
-- *****************************************************************************
|
|
-- * end of hpnicfDot11WIDSAtkStasTable Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * hpnicfDot11BlackListTable Definition
|
|
-- *****************************************************************************
|
|
hpnicfDot11BlackListTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfDot11BlackListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains information of blacklist entries, including
|
|
dynamic and static."
|
|
::= { hpnicfDot11WIDSDetectGroup 11 }
|
|
|
|
hpnicfDot11BlackListEntry OBJECT-TYPE
|
|
SYNTAX HpnicfDot11BlackListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains information of blacklist."
|
|
INDEX
|
|
{
|
|
hpnicfDot11BlackListMAC
|
|
}
|
|
::= { hpnicfDot11BlackListTable 1 }
|
|
|
|
HpnicfDot11BlackListEntry ::= SEQUENCE
|
|
{
|
|
hpnicfDot11BlackListMAC MacAddress,
|
|
hpnicfDot11BlackListTime Unsigned32,
|
|
hpnicfDot11BlackListReason OCTET STRING,
|
|
hpnicfDot11BlackListRowStatus RowStatus,
|
|
hpnicfDot11BlackListTimeTicks TimeTicks
|
|
}
|
|
|
|
hpnicfDot11BlackListMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the MAC address of the device inserted into
|
|
the table."
|
|
::= { hpnicfDot11BlackListEntry 1 }
|
|
|
|
hpnicfDot11BlackListTime OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
UNITS "minutes"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time elapsed since the entry was last updated.
|
|
If it is static blacklist, the value is always 0."
|
|
::= { hpnicfDot11BlackListEntry 2 }
|
|
|
|
hpnicfDot11BlackListReason OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the reason why the entry was added into the blacklist."
|
|
::= { hpnicfDot11BlackListEntry 3 }
|
|
|
|
hpnicfDot11BlackListRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the status of this table entry."
|
|
::= { hpnicfDot11BlackListEntry 4 }
|
|
|
|
hpnicfDot11BlackListTimeTicks OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the time elapsed since the entry was last updated in timetick.
|
|
If it is static blacklist, the value is always 0."
|
|
::= { hpnicfDot11BlackListEntry 5 }
|
|
-- *****************************************************************************
|
|
-- * end of hpnicfDot11BlackListTable Definition
|
|
-- *****************************************************************************
|
|
|
|
|
|
-- *****************************************************************************
|
|
-- * end of hpnicfDot11WIDSAtkStatis Definition
|
|
-- *****************************************************************************
|
|
|
|
-- *****************************************************************************
|
|
-- * Notifications OF hpnicfDot11WIDSNotifyGroup
|
|
-- *****************************************************************************
|
|
-- WIDS Notification
|
|
hpnicfDot11WIDSTraps OBJECT IDENTIFIER
|
|
::= { hpnicfDot11WIDSNotifyGroup 1 }
|
|
|
|
hpnicfDot11WIDSDetectRogueTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfDot11WIDSRogueMAC,
|
|
hpnicfDot11WIDSRogueType,
|
|
hpnicfDot11WIDSMonitorMAC,
|
|
hpnicfDot11MonitorAPID,
|
|
hpnicfDot11MonitorApRadioID
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The notification represents that a rogue AP or a station was
|
|
detected by WIDS.
|
|
The NMS would refer to MIB table under hpnicfDot11WIDSDetectGroup
|
|
group to get more detailed information."
|
|
::= { hpnicfDot11WIDSTraps 1 }
|
|
|
|
hpnicfDot11WIDSAdHocTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfDot11WIDSAdHocMAC,
|
|
hpnicfDot11WIDSMonitorMAC
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The notification represents a rogue Ad hoc station was detected."
|
|
::= { hpnicfDot11WIDSTraps 2 }
|
|
|
|
hpnicfDot11WIDSUnauthorSSIDTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfDot11UnauthorSSIDName,
|
|
hpnicfDot11WIDSMonitorMAC,
|
|
hpnicfDot11MonitorAPID,
|
|
hpnicfDot11MonitorApRadioID
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The notification represents which unauthorized SSID are
|
|
accessed in the network.
|
|
The notification will be sent to NMS when an
|
|
unauthorized SSID is detected on the network for the
|
|
first time."
|
|
::= { hpnicfDot11WIDSTraps 3 }
|
|
|
|
hpnicfDot11WIDSDisappearRogueTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfDot11WIDSRogueMAC
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The notification represents that a rogue device has aged out
|
|
and moved to history table or the device type has been changed
|
|
to friendly.
|
|
The notification will be sent to NMS whenever a rogue disappears."
|
|
::= { hpnicfDot11WIDSTraps 4 }
|
|
|
|
hpnicfDot11WIDSDetectAttack NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfDot11WIDSAtkHisType,
|
|
hpnicfDot11WIDSAtkHisChl,
|
|
hpnicfDot11WIDSAtkHisDctTime,
|
|
hpnicfDot11WIDSAtkHisAPName
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification occurs when some type of attack is detected.
|
|
"
|
|
::= { hpnicfDot11WIDSTraps 5 }
|
|
|
|
hpnicfDot11WIDSDetectWBridge NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfDot11WIDSRptAPName,
|
|
hpnicfDot11WIDSRptAPRadioID,
|
|
hpnicfDot11WIDSRptAPLstDctTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification occurs whenever a detected device is classified
|
|
as rogue wireless-bridge.
|
|
"
|
|
::= { hpnicfDot11WIDSTraps 6 }
|
|
|
|
hpnicfDot11WIDSFloodTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfDot11WIDSAtkMac,
|
|
hpnicfDot11WIDSAtkFrameType,
|
|
hpnicfDot11WIDSFirstTrapTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification occurs when flood attack is detected.
|
|
"
|
|
::= { hpnicfDot11WIDSTraps 7 }
|
|
|
|
hpnicfDot11WIDSSpoofTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfDot11WIDSAtkMac,
|
|
hpnicfDot11WIDSAtkFrameType,
|
|
hpnicfDot11WIDSAtkChannel,
|
|
hpnicfDot11WIDSAtkTime,
|
|
hpnicfDot11WIDSAtkDestMac,
|
|
hpnicfDot11WIDSFirstTrapTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification occurs when spoof attack is detected.
|
|
"
|
|
::= { hpnicfDot11WIDSTraps 8 }
|
|
|
|
hpnicfDot11WIDSWeakIVTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfDot11WIDSAtkMac,
|
|
hpnicfDot11WIDSAtkChannel,
|
|
hpnicfDot11WIDSAtkTime,
|
|
hpnicfDot11WIDSAtkDestMac,
|
|
hpnicfDot11WIDSFirstTrapTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification occurs when weak IV attack is detected.
|
|
"
|
|
::= { hpnicfDot11WIDSTraps 9 }
|
|
|
|
-- WIDS Notification variable object
|
|
|
|
hpnicfDot11WIDSTrapVarObjects OBJECT IDENTIFIER
|
|
::= { hpnicfDot11WIDSNotifyGroup 2 }
|
|
|
|
hpnicfDot11WIDSRogueMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents which rogue AP or station."
|
|
::= { hpnicfDot11WIDSTrapVarObjects 1 }
|
|
|
|
hpnicfDot11WIDSRogueType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
rogueAp(1),
|
|
rogueStation(2)
|
|
}
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the rogue type.
|
|
The following value are supported
|
|
rogueAp(1) - A rogue AP
|
|
rogueStation(2) - A rogue Station"
|
|
::= { hpnicfDot11WIDSTrapVarObjects 2 }
|
|
|
|
hpnicfDot11WIDSMonitorMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents which monitor detected the rogue AP or station."
|
|
::= { hpnicfDot11WIDSTrapVarObjects 3 }
|
|
|
|
hpnicfDot11WIDSAdHocMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the MAC address of Ad hoc station."
|
|
::= { hpnicfDot11WIDSTrapVarObjects 4 }
|
|
|
|
hpnicfDot11UnauthorSSIDName OBJECT-TYPE
|
|
SYNTAX HpnicfDot11SSIDStringType
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents an unauthorized SSID."
|
|
::= { hpnicfDot11WIDSTrapVarObjects 5 }
|
|
|
|
hpnicfDot11MonitorAPID OBJECT-TYPE
|
|
SYNTAX HpnicfDot11ObjectIDType
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents monitor AP's APID."
|
|
::= { hpnicfDot11WIDSTrapVarObjects 6 }
|
|
|
|
hpnicfDot11MonitorApRadioID OBJECT-TYPE
|
|
SYNTAX HpnicfDot11RadioScopeType
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents monitor AP's radio ID"
|
|
::= { hpnicfDot11WIDSTrapVarObjects 7 }
|
|
|
|
hpnicfDot11WIDSAtkMac OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents mac address of attack source."
|
|
::= { hpnicfDot11WIDSTrapVarObjects 8 }
|
|
|
|
hpnicfDot11WIDSAtkFrameType OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents attack frame type."
|
|
::= { hpnicfDot11WIDSTrapVarObjects 9 }
|
|
|
|
hpnicfDot11WIDSAtkChannel OBJECT-TYPE
|
|
SYNTAX HpnicfDot11ChannelScopeType
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents attack channel."
|
|
::= { hpnicfDot11WIDSTrapVarObjects 10 }
|
|
|
|
hpnicfDot11WIDSAtkTime OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents when attacking happened."
|
|
::= { hpnicfDot11WIDSTrapVarObjects 11 }
|
|
|
|
hpnicfDot11WIDSAtkDestMac OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents mac address of attack destination."
|
|
::= { hpnicfDot11WIDSTrapVarObjects 12 }
|
|
|
|
hpnicfDot11WIDSFirstTrapTime OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the first trap time."
|
|
::= { hpnicfDot11WIDSTrapVarObjects 13 }
|
|
-- *****************************************************************************
|
|
-- * End OF hpnicfDot11WIDSNotifyGroup
|
|
-- *****************************************************************************
|
|
END
|