smilint output for ./INTRUSION-DETECTION-SENSOR-ALERT-MIB


Message Severities
SeverityCount
error3
minor error1
warning9
Message Types
TypeCount
import-unused (warning)4
index-element-accessible (warning)1
integer-misuse (warning)4
object-identifier-not-prefix (error)1
revision-missing (minor error)1
sequence-type-mismatch (error)2

Messages:

INTRUSION-DETECTION-SENSOR-ALERT-MIB

   1: -- extracted from draft-glenn-id-sensor-alert-mib-01.txt
   2: -- at Sat Nov 25 16:04:49 2000
   3: 
   4:    INTRUSION-DETECTION-SENSOR-ALERT-MIB DEFINITIONS ::= BEGIN
   5: 
   6:     IMPORTS
   7:       MODULE-IDENTITY,  Counter32, Gauge32, OBJECT-TYPE,
   7: warning - warning: identifier `Counter32' imported from module `SNMPv2-SMI' is never used
   7: warning -
warning: identifier `Gauge32' imported from module `SNMPv2-SMI' is never used
   8:       OBJECT-IDENTITY,  mib-2      FROM SNMPv2-SMI
   9:       DateAndTime, TimeStamp
   9: warning - warning: identifier `TimeStamp' imported from module `SNMPv2-TC' is never used
  10:                  FROM SNMPv2-TC
  11:       MODULE-COMPLIANCE, OBJECT-GROUP
  12:                  FROM SNMPv2-CONF
  13:       SnmpEngineID, SnmpAdminString
  13: warning - warning: identifier `SnmpEngineID' imported from module `SNMP-FRAMEWORK-MIB' is never used
  14:                  FROM SNMP-FRAMEWORK-MIB
  15:       InetAddressType, InetAddress
  16:                  FROM INET-ADDRESS-MIB
  17:       URLString
  18:                  FROM NETWORK-SERVICES-MIB;
  19: 
  20:    idsaMIB MODULE-IDENTITY
  21:        LAST-UPDATED "200011160000Z"        --  16th November 2000
  22:        ORGANIZATION "IETF Intrusion Detection Message Exchange Format
  23:                      Working Group"
  24:        CONTACT-INFO
  25:       "                      Glenn Mansfield
  26:                      Postal: Cyber Solutions Inc.
  27:                              6-6-3, Minami Yoshinari
  28:                              Aoba-ku, Sendai, Japan 989-3204.
  29: 
  30:                         Tel: +81-22-303-4012
  31:                         Fax: +81-22-303-4015
  32:                      E-mail: glenn@cysols.com
  33: 
  34:                              Dipankar Gupta
  35:                      Postal: Hewlett Packard Company
  36:                              690 East Middlefield Road, MS 31R
  37:                              Mountain View California 94043.
  38: 
  39:                         Tel: +1-650-919-8066
  40:                         Fax: +1-650-919-8540
  41:                      E-mail: dipankar_gupta@hp.com
  42: 
  43:        Working Group E-mail: idwg-public@zurich.ibm.com
  44:                To subscribe: idwg-public-request@zurich.ibm.com"
  45: 
  46:        DESCRIPTION
  47:                " The MIB for Intrusion Detection Messages."
  48:             ::= { mib-2 xxx }     -- to be assigned by IANA
  48: minor error - revision for last update is missing
  48: error - Object identifier element `xxx' name only allowed as first element
  49: 
  50:     idsaSensorObjects OBJECT-IDENTITY
  51:         STATUS current
  52:         DESCRIPTION
  53:           " This is the base object for the objects used in the
  54:             notifications."
  55:         ::= {idsaMIB 1}
  56: 
  57:     idsaSensorID OBJECT-TYPE
  58:         SYNTAX  SnmpAdminString
  59:         MAX-ACCESS  read-only
  60:         STATUS  current
  61:         DESCRIPTION
  62:           " An identifier to uniquely identify the Analyzer
  63:             in the domain."
  64:         ::= { idsaSensorObjects 1 }
  65: 
  66:     idsaSensorDescription OBJECT-TYPE
  67:         SYNTAX  SnmpAdminString
  68:         MAX-ACCESS  read-only
  69:         STATUS  current
  70:         DESCRIPTION
  71:           " A short description of the Sensor."
  72:         ::= { idsaSensorObjects 2 }
  73: 
  74:     idsaSensorProductID OBJECT-TYPE
  75:         SYNTAX  SnmpAdminString
  76:         MAX-ACCESS  read-only
  77:         STATUS  current
  78:         DESCRIPTION
  79:           "A reference to MIB definitions specific to the
  80:            analyzer generating the message.  If this information
  81:            is not present, its value should be set to the OBJECT
  82:            IDENTIFIER { 0 0 }, which is a syntatically valid
  83:            object identifier."
  84:         ::= { idsaSensorObjects 3 }
  85: 
  86:     idsaSensorAddressType OBJECT-TYPE
  87:         SYNTAX InetAddressType
  88:         MAX-ACCESS read-only
  89:         STATUS current
  90:         DESCRIPTION
  91:           "The type of the address which follows."
  92:         ::= { idsaSensorObjects 4}
  93: 
  94:     idsaSensorAddress OBJECT-TYPE
  95:         SYNTAX InetAddress
  96:         MAX-ACCESS read-only
  97:         STATUS current
  98:         DESCRIPTION
  99:           "The Internet address of the sensor."
 100:         ::= { idsaSensorObjects 5}
 101: 
 102:     idsaSensorManufacturer   OBJECT-TYPE
 103:         SYNTAX SnmpAdminString
 104:         MAX-ACCESS read-only
 105:         STATUS current
 106:         DESCRIPTION
 107:           " the Manufacturer of the sensor that detected the event."
 108:         ::= { idsaSensorObjects 6}
 109: 
 110:     idsaSensorProductName   OBJECT-TYPE
 111:         SYNTAX SnmpAdminString
 112:         MAX-ACCESS read-only
 113:         STATUS current
 114:         DESCRIPTION
 115:           " the name of the product that detected the event."
 116:         ::= { idsaSensorObjects 7}
 117: 
 118:     idsaSensorVersion   OBJECT-TYPE
 119:         SYNTAX SnmpAdminString
 120:         MAX-ACCESS read-only
 121:         STATUS current
 122:         DESCRIPTION
 123:           " the version number of the sensor that detected the event."
 124:         ::= { idsaSensorObjects 8}
 125: 
 126: 
 127:     idsaSensorLocation OBJECT-TYPE
 128:         SYNTAX SnmpAdminString
 129:         MAX-ACCESS read-only
 130:         STATUS current
 131:         DESCRIPTION
 132:           " the location of the tool that detected the event."
 133:         ::= { idsaSensorObjects 9}
 134: 
 135: 
 136:     idsaAlerts OBJECT-IDENTITY
 137:         STATUS current
 138:         DESCRIPTION
 139:           " This is the base object for the subtree of objects defining
 140:             the alerts."
 141:         ::= {idsaMIB 2}
 142: 
 143:    --  idsaAlertTable: The Table of Alerts. Each row represents an Alert.
 144:    --  idsaAlertID is the key to the table. The size of this table will be
 145:    --  implementation dependent - some implementors may choose to keep
 146:    --  a maximum of one messages in this table.
 147: 
 148:     idsaAlertTable OBJECT-TYPE
 149:         SYNTAX  SEQUENCE OF IdsaAlertEntry
 150:         MAX-ACCESS  not-accessible
 151:         STATUS  current
 152:         DESCRIPTION
 153:           " Each row of this table contains information
 154:             about an alert indexed by idsaAlertID."
 155:         ::= { idsaAlerts 1 }
 156: 
 157:     idsaAlertEntry OBJECT-TYPE
 157: warning - warning: index element `idsaAlertID' of row `idsaAlertEntry' should be not-accessible in SMIv2 MIB
 158:         SYNTAX  IdsaAlertEntry
 159:         MAX-ACCESS  not-accessible
 160:         STATUS  current
 161:         DESCRIPTION
 162:           " Entry containing information pertaining to
 163:             an alert."
 164:         INDEX { idsaAlertID}
 165:         ::= { idsaAlertTable 1 }
 166: 
 167:     IdsaAlertEntry ::= SEQUENCE {
 168:        idsaAlertID
 169:                  INTEGER,
 170:        idsaAlertLocalAddressType
 171:                  InetAddressType,
 172:        idsaAlertLocalAddress
 173:                  InetAddress,
 174:        idsaAlertInterfaceIndex
 175:                  INTEGER,
 176:        idsaAlertTimeStamp
 177:                  DateAndTime,
 178:        idsaAlertActionsTaken
 179:                  INTEGER,
 180:        idsaAlertAttackName
 181:                  SnmpAdminString,
 182:        idsaAlertMoreInfo
 183:                  URLString,
 184:        idsaAlertSrcAddressType
 185:                  InetAddressType,
 186:        idsaAlertSrcAddress
 187:                  InetAddress,
 188:        idsaAlertDstAddressType
 189:                   InetAddressType,
 190:        idsaAlertDstAddress
 191:                   InetAddress,
 192: 
 193:        idsaAlertSrcPort
 194:                   INTEGER,
 195:        idsaAlertDstPort
 196:                   INTEGER
 197:        }
 198: 
 199: 
 200:     idsaAlertID OBJECT-TYPE
 201:         SYNTAX INTEGER (1..65535)
 201: warning - warning: use Integer32 instead of INTEGER in SMIv2
 202:         MAX-ACCESS read-only
 203:         STATUS current
 204:         DESCRIPTION
 205:           " The AlertID uniquely identifies each alert generated
 206:             by the sensor."
 207:         ::= {idsaAlertEntry 1}
 208: 
 209:     idsaAlertLocalAddressType OBJECT-TYPE
 210:         SYNTAX InetAddressType
 211:         MAX-ACCESS read-only
 212:         STATUS current
 213:         DESCRIPTION
 214:           "The type of the address which follows."
 215:         ::= { idsaAlertEntry 2}
 216: 
 217:     idsaAlertLocalAddress OBJECT-TYPE
 218:         SYNTAX InetAddress
 219:         MAX-ACCESS read-only
 220:         STATUS current
 221:         DESCRIPTION
 222:           "The Internet address associated with the alert ."
 223:         ::= { idsaAlertEntry 3}
 224: 
 225:     idsaAlertInterfaceIndex OBJECT-TYPE
 226:         SYNTAX INTEGER (1..65535)
 226: warning - warning: use Integer32 instead of INTEGER in SMIv2
 227:         MAX-ACCESS read-only
 228:         STATUS current
 229:         DESCRIPTION
 230:           " The ifIndex of the interface on which the event was
 231:             detected  by the sensor."
 232:         ::= {idsaAlertEntry 4}
 233: 
 234:     idsaAlertTimeStamp OBJECT-TYPE
 235:         SYNTAX DateAndTime
 236:         MAX-ACCESS read-only
 237:         STATUS current
 238:         DESCRIPTION
 239:           " The local date and time when this alert was generated."
 240:         ::= { idsaAlertEntry 5}
 241: 
 242:     -- the actions will probably be a comma separated list of action
 243:     -- codes or a pointer to another MIB table from which the actions
 244:     -- may be fetched.
 245:     --
 246:     idsaAlertActionsTaken OBJECT-TYPE
 247:         SYNTAX SnmpAdminString
 248:         MAX-ACCESS read-only
 249:         STATUS current
 250:         DESCRIPTION
 251:           " The list of automatic actions taken by the sensor"
 252:         ::= { idsaAlertEntry 6}
 252: error - type of `idsaAlertActionsTaken' in sequence and object type definition do not match
 253: 
 254:     -- SnmpAdminString length is 255 characters max. It contains
 255:     -- information represented using the ISO/IEC IS 10646-1 character
 256:     -- set, encoded using the UTF-8 transformation format to facilitate
 257:     -- internationalization.
 258: 
 259:     idsaAlertAttackName OBJECT-TYPE
 260:         SYNTAX SnmpAdminString
 261:         MAX-ACCESS read-only
 262:         STATUS current
 263:         DESCRIPTION
 264:           " the name of the atack, if known. If not known this field will
 265:                   be inaccessile."
 266:         ::= { idsaAlertEntry 7}
 267: 
 268:     idsaAlertMoreInfo OBJECT-TYPE
 269:         SYNTAX  OBJECT IDENTIFIER
 270:         MAX-ACCESS  read-only
 271:         STATUS  current
 272:         DESCRIPTION
 273:           "A reference to MIB definitions specific to this
 274:           message.  If this information is not
 275:           present, its value should be set to the OBJECT
 276:           IDENTIFIER { 0 0 }, which is a syntatically valid
 277:           object identifier."
 278:         ::= { idsaAlertEntry 8}
 278: error - type of `idsaAlertMoreInfo' in sequence and object type definition do not match
 279: 
 280:     idsaAlertSrcAddressType OBJECT-TYPE
 281:         SYNTAX InetAddressType
 282:         MAX-ACCESS read-only
 283:         STATUS current
 284:         DESCRIPTION
 285:           "The type of the Internet address that was the attack source."
 286:         ::= { idsaAlertEntry 9}
 287: 
 288:     idsaAlertSrcAddress OBJECT-TYPE
 289:         SYNTAX InetAddress
 290:         MAX-ACCESS read-only
 291:         STATUS current
 292:         DESCRIPTION
 293:           " The Internet addresses of the entity from which the attack
 294:             originated, if known. "
 295:         ::= { idsaAlertEntry 10}
 296: 
 297:     idsaAlertDstAddressType OBJECT-TYPE
 298:         SYNTAX InetAddressType
 299:         MAX-ACCESS read-only
 300:         STATUS current
 301:         DESCRIPTION
 302:           "The type of the Internet address that was the attack target."
 303:         ::= { idsaAlertEntry 11}
 304: 
 305:     idsaAlertDstAddress OBJECT-TYPE
 306:         SYNTAX InetAddress
 307:         MAX-ACCESS read-only
 308:         STATUS current
 309:         DESCRIPTION
 310:           " The Internet address of the entity to which the attack
 311:             was destined, if known."
 312:         ::= { idsaAlertEntry 12}
 313: 
 314:     idsaAlertSrcPort OBJECT-TYPE
 315:         SYNTAX INTEGER
 316:         MAX-ACCESS read-only
 316: warning - warning: use Integer32 instead of INTEGER in SMIv2
 317:         STATUS current
 318:         DESCRIPTION
 319:           " The port number from where the attack has originated "
 320:         ::= { idsaAlertEntry 13}
 321: 
 322:     idsaAlertDstPort OBJECT-TYPE
 323:         SYNTAX INTEGER
 324:         MAX-ACCESS read-only
 324: warning - warning: use Integer32 instead of INTEGER in SMIv2
 325:         STATUS current
 326:         DESCRIPTION
 327:           " The port number to which the attack is destined "
 328:         ::= { idsaAlertEntry 14}
 329: 
 330:     -- Conformance information
 331: 
 332:     idsaConformance OBJECT IDENTIFIER ::= {idsaMIB 3 }
 333: 
 334:     idsaGroups      OBJECT IDENTIFIER ::= { idsaConformance 1 }
 335:     idsaCompliances OBJECT IDENTIFIER ::= { idsaConformance 2 }
 336: 
 337:     -- Compliance statements
 338: 
 339:     idsaAlertCompliance MODULE-COMPLIANCE
 340:         STATUS  current
 341:         DESCRIPTION
 342:                 "The compliance statement for SNMP entities
 343:                  which implement the
 344:                             INTRUSION-DETECTION-SENSOR-ALERT-MIB."
 345: 
 346:         MODULE  -- this module
 347:             MANDATORY-GROUPS { idsaAlertGroup }
 348: 
 349:         ::= { idsaCompliances 1 }
 350: 
 351:     -- Units of conformance
 352: 
 353:     idsaAlertGroup    OBJECT-GROUP
 354:         OBJECTS {
 355:                     idsaSensorID,
 356:                     idsaSensorDescription,
 357:                     idsaSensorProductID,
 358:                     idsaSensorAddressType,
 359:                     idsaSensorAddress,
 360:                     idsaSensorManufacturer,
 361:                     idsaSensorProductName,
 362:                     idsaSensorVersion,
 363:                     idsaSensorLocation,
 364:                     idsaAlertID,
 365:                     idsaAlertLocalAddressType,
 366:                     idsaAlertLocalAddress,
 367:                     idsaAlertInterfaceIndex,
 368:                     idsaAlertTimeStamp,
 369:                     idsaAlertActionsTaken,
 370:                     idsaAlertAttackName,
 371:                     idsaAlertMoreInfo,
 372:                     idsaAlertSrcAddressType,
 373:                     idsaAlertSrcAddress,
 374:                     idsaAlertDstAddressType,
 375:                     idsaAlertDstAddress,
 376:                     idsaAlertSrcPort,
 377:                     idsaAlertDstPort
 378: 
 379:        }
 380:         STATUS  current
 381:         DESCRIPTION
 382:                 " A collection of objects for generation and despatch of
 383:                   alerts pertaining to intrusions detected."
 384:         ::= { idsaGroups 1 }
 385: 
 386:    END
 387: 
 388: -- 
 389: --          "Copyright (C) The Internet Society (date). All Rights
 390: --          Reserved.
 391: -- 
 392: --          This document and translations of it may be copied and
 393: --          furnished to others, and derivative works that comment on or
 394: --          otherwise explain it or assist in its implmentation may be
 395: --          prepared, copied, published and distributed, in whole or in
 396: --          part, without restriction of any kind, provided that the above
 397: --          copyright notice and this paragraph are included on all such
 398: --          copies and derivative works.  However, this document itself may
 399: --          not be modified in any way, such as by removing the copyright
 400: --          notice or references to the Internet Society or other Internet
 401: --          organizations, except as needed for the  purpose of developing
 402: --          Internet standards in which case the procedures for copyrights
 403: --          defined in the Internet Standards process must be followed, or
 404: --          as required to translate it into languages other than English.
 405: -- 
 406: --          The limited permissions granted above are perpetual and will
 407: --          not be revoked by the Internet Society or its successors or
 408: --          assigns.
 409: -- 
 410: --          This document and the information contained herein is provided
 411: --          on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET
 412: --          ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR
 413: --          IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE
 414: --          OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY
 415: --          IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A
 416: --          PARTICULAR PURPOSE."
 417: