Knowledge Search


×
 

[Archive] What Are the SNMP Traps Included in the trap.mib for ScreenOS 5.0?

  [KB4439] Show Article Properties


Summary:
What Are the SNMP Traps Included in the trap.mib for ScreenOS 5.0?
Symptoms:

Solution:

The following are SNMP trap.mib listings for ScreenOS 5.0:

Note:  For a list of possible alarm types and their associated trap numbers, see KB7990.

 Firewall Related Traps:

traffic-sec(1) Traffic per-second threshold
traffic-min(2) Traffic per-minute threshold
user-auth-fail(3) User Authentication Fail
winnuke(4) Winnuke pak
syn-attack(5) Syn attack
tear-drop(6) tear-drop attack
ping-death(7) Ping of Death attack
ip-spoofing(8) IP spoofing attack
ip-src-route(9) IP source routing attack
land(10) land attack
icmp-flood(11) ICMP flooding attack
udp-flood(12) UDP flooding attack
admin(27) admin realted
sme(28) Illegal src ip to connect to sme port
dhcp(29) DHCP related
illegal-cms-svr(13) Illegal server IP to connect to CMS port
url-block-srv(14) URL blocking server connection alarm
high-availability(15) HA alarm
dns-srv-down(21) DNS server unreachable
lb-srv-down(23) Load balance server unreachable
x509(25) X509 related
port-scan(16) Port Scan attack
addr-sweep(17) address sweep attack
policy-deny(18) Deny by policy attack
syn-frag-attack(412) screen syn fragment attack
tcp-without-flag(413) screen tcp packet without flag attack
unknow-ip-packet(414) screen unknown ip packet
bad-ip-option(415) screen bad ip option
icmp-fragment(435) screen icmp fragment packet
too-large-icmp(436) screen too large icmp packet
tcp-syn-fin(437) screen tcp flag syn-fin set
tcp-fin-no-ack(438) screen tcp fin without ack
link-statechange(1000) link state change
IP-conflict(31) Interface IP conflict
attack-malicious-url(32) Microsoft IIS server vulnerability
session-threshold(33) session threshold is exceeded
ssh-alarm(34) SSH related alarms
dst-ip-session-limit(430) Dst IP-based session limiting
allocated-session-threshold(51) allocated session exceed threshold
ids-component(400) block java/active-x component
ids-icmp-flood(401) icmp flood attack
ids-udp-flood(402) udp flood attack
ids-winnuke(403) winnuke attack
ids-port-scan(404) port scan attack
ids-addr-sweep(405) address sweep attack
ids-tear-drop(406) tear drop attack
ids-syn(407) syn flood attack
ids-ip-spoofing(408) ip spoofing attack
ids-ping-death(409) ping of death attack
ids-ip-source-route(410) filter ip packet with source route option
ids-land(411) land attack
ids-block-zip(431) HTTP component blocking for .zip files
ids-block-jar(432) HTTP component blocking for Java applets
ids-block-exe(433) HTTP component blocking for .exe files
ids-block-activex(434) HTTP component blocking for ActiveX controls
ids-tcp-syn-ack-ack(439) avoid replying to syns after excessive 3 way TCP handshakes from same src ip but not proceeding with user auth. (not replying to username/password
ids-ip-block-frag(440) ip fragment

Hardware Related Traps:

device-dead(19) device not working
low-memory(20) memory low
generic-HW-fail(22) Fan, Power Supply failure
log-full(24) log buffer overflow
cpu-usage-high(30) CPU usage is high

VPN Related Traps:

vpn-ike(26) VPN and IKE related
vpn-tunnel-up(40) VPN tunnel from down to up
vpn-tunnel-down(41) VPN tunnel from up to down
vpn-replay-attack(42) VPN replay detected

NSRP Related Traps:

nsrp-rto-up(60) NSRP rto self unit status change from up to down
nsrp-rto-down(61) NSRP rto self unit status change from down to up
nsrp-trackip-success(62) NSRP track ip successed
nsrp-trackip-failed(63) NSRP track ip failed
nsrp-trackip-failover(64) NSRP track ip fail over
nsrp-inconsistent-configuration(65) NSRP inconsistent configuration between master and backup
nsrp-vsd-init(70) NSRP vsd group status change to elect
nsrp-vsd-master(71) NSRP vsd group status change to master
nsrp-vsd-pbackup(72) NSRP vsd group status change to primary backup
nsrp-vsd-backup(73) NSRP vsd group status change to backup
nsrp-vsd-ineligible(74) NSRP vsd group status change to ineligible
nsrp-vsd-inoperable(75) NSRP VSD group status change to inoperable
nsrp-vsd-req-hearbeat-2nd(76) NSRP VSD request heartbeat from 2nd HA path
nsrp-vsd-reply-2nd(77) NSRP VSD reply to 2nd path request
nsrp-rto-duplicated(78) NSRP duplicated RTO group found

Global Pro Related Traps:

dc-fail-reconnect-mc(79) DC fails to re-connect to MC
mc-fail-reconnect-db(80) MC fails to re-connect to Db
dc-fail-init(81) DC fails to initialize
mc-fail-init(82) MC fails to initialize
unknown-connect-attempt-dc(83) Unknown device trying to connect to a DC
dc-reinit(84) DC has been reinitialized/restarted (similar meaning as the cold start trap generated by the device)
mc-reinit(85) MC has been restarted
dc-fail-auth(86) DC fails to authenticate to a device
dc-mc-version-unmatch(87) DC / MC are not running the same version
dc-log-full(88) DC's traffic log files are full
device-connect-dc(89) NetScreen device connected to Global PRO
device-disconnect-dc(90) NetScreen device dis-connected from Global PRO

OSPF Related Traps:

route-alarm(205) Errors in route module (exceed limit, malloc failure, add-prefix failure etc)
osfp-flood(206) LSA/Hello packets flood in OSPF, route redistribution exceed limit
ospf_virtifstatechange(210) change in virtual link's state (down, point-to-point etc)
ospf_nbrstatechange(211) change in neighbor's state on regular interface (down, 2way, full etc)
ospf_virtnbrstatechange(212) change in neighbor's state on virtual link (down, full etc)
ospf_ifconfigerror(213) authentication mismatch/area mismatch etc on regular interface
ospf_virtifconfigerror(214) authentication mismatch/area mismatch etc on virtual link
ospf_ifauthfailure(215) Authentication error on regular interface
ospf_virtifauthfailure(216) Authentication error on virtual link
ospf_ifrxbadpacket(217) lsa received with invalid lsa-type on regular interface
ospf_virtifrxbadpacket(218) lsa received with invalid lsa-type on virtual link
ospf_txretransmit(219) retransmission to neighbor on regular interface
ospf_virtiftxretransmit(220) retransmission to neighbor on virtual link
ospf_originatelsa(221) new LSA generated by local router
ospf_maxagelsa(222) LSA aged out
ospf_lsdboverflow(223) when total LSAs in database exceed predefined limit
ospf_lsdbapproachingoverflow(224) when total LSAs in database approach predefined limit
ospf_ifstatechange(225) change in regular interface state (up/down, dr/bdr etc)

BGP Related Traps:

bgp-established(208) Peer forms adjacency completely
bgp-backwardtransition(209) Peer's adjacency is torn down, goes to Idle state

RIP Related Traps:

rip-flood(207) Update packet floods in RIP


 

 

 

 

Related Links: