Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
740
Views
0
Helpful
0
Replies

How to show snmp oid list on IPS when entering with "session ips" to the IPS Module and how to detect intrusion via snmp

huckenmeyer1
Level 1
Level 1

‎07-15-2016 04:51 AM - edited ‎03-10-2019 06:39 AM

Hello to everyone!

1) OID

I need to know what is explicitly possible w.r.t polling snmp paramaters, i.e. OID's from the IPS ASA-5515-X software IPS module.

For the ASA itself this can be performed via command "show snmp-server oidlist", but how on the IPS?

2) Intrusion detection via SNMP

My follow up question is how I could detect e.g. port scanning attack via SNMP by using this device?

I know the syslogs will tell me, but is there a special OID that would give me indications on DoS attacks, port scanning attacks, etc...

Help appreciated!

Many thanks
Haki

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card