시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
8,3612015/01/20 2010763  ET WEB_SPECIFIC_APPS Possible Zenoss Cross Site Request Forgery Ping UserCommand Attempt; [1,2
8,3602015/01/20 2010762  ET WEB_SPECIFIC_APPS Possible Zenoss Cross Site Request Forgery UserCommand Attempt; [1,2
8,3592015/01/20 2010761  ET WEB_SPECIFIC_APPS Possible Zenoss Cross Site Request Forgery Attempt; [1,2
8,3582015/01/20 2010760  ET ACTIVEX Possible Gracenote CDDBControl ActiveX Control ViewProfile Method Heap Buffer Overflow Attempt; [1,2
8,3572015/01/20 2010759  ET EXPLOIT Xerox WorkCentre PJL Daemon Buffer Overflow Attempt; [1,2
8,3562015/01/20 2010758  ET WEB_CLIENT VLC Media Player .ass File Buffer Overflow Attempt; [1,2
8,3552015/01/20 2010757  ET WEB_CLIENT VLC Media Player Aegisub Advanced SubStation (.ass) File Request flowbit set; [1
8,3542015/01/20 2010756  ET TROJAN Sasfis Botnet Client Reporting Back to Controller After Command Execution; [1,2
8,3532015/01/20 2010755  ET DOS IBM DB2 kuddb2 Remote Denial of Service Attempt; [1,2,3
8,3522015/01/20 2010754  ET WEB_SPECIFIC_APPS Joomla com_musicgallery Component Id Parameter UPDATE SET SQL Injection Attempt; [1,2
8,3512015/01/20 2010753  ET WEB_SPECIFIC_APPS Joomla com_musicgallery Component Id Parameter INSERT INTO SQL Injection Attempt; [1,2
8,3502015/01/20 2010752  ET WEB_SPECIFIC_APPS Joomla com_musicgallery Component Id Parameter UNION SELECT SQL Injection Attempt; [1,2
8,3492015/01/20 2010751  ET WEB_SPECIFIC_APPS Joomla com_musicgallery Component Id Parameter DELETE FROM SQL Injection Attempt; [1,2
8,3482015/01/20 2010750  ET WEB_SPECIFIC_APPS Joomla com_musicgallery Component Id Parameter SELECT FROM SQL Injection Attempt; [1,2
8,3472015/01/20 2010749  ET ACTIVEX SoftArtisans XFile FileManager ActiveX DeleteFile method stack overflow Attempt; [1,2,3,4
8,3462015/01/20 2010748  ET ACTIVEX SoftArtisans XFile FileManager ActiveX DriveExists method stack overflow Attempt; [1,2,3,4
8,3452015/01/20 2010747  ET ACTIVEX SoftArtisans XFile FileManager ActiveX GetDriveName method stack overflow Attempt; [1,2,3,4
8,3442015/01/20 2010746  ET ACTIVEX SoftArtisans XFile FileManager ActiveX Buildpath method stack overflow Attempt; [1,2,3,4
8,3432015/01/20 2010745  ET ACTIVEX SoftArtisans XFile FileManager ActiveX stack overfow Function call Attempt; [1,2,3,4
8,3422015/01/20 2010744  ET TROJAN Oficla Russian Malware Bundle C&C instruction response (2); [1,2
8,3412015/01/20 2010743  ET TROJAN Oficla Checkin (1); [1,2
8,3402015/01/20 2010742  ET DELETED Pinkslipbot Trojan Downloader; [1
8,3392015/01/20 2010741  ET TROJAN Suspicious exe.exe request - possible downloader/Oficla; [1,2
8,3382015/01/20 2010740  ET FTP FTP STOR command attempt without login; [1,2
8,3372015/01/20 2010739  ET FTP FTP RNFR command attempt without login; [1,2
8,3362015/01/20 2010738  ET FTP FTP RNTO command attempt without login; [1,2
8,3352015/01/20 2010737  ET FTP FTP NLST command attempt without login; [1,2
8,3342015/01/20 2010736  ET FTP FTP RETR command attempt without login; [1,2
8,3332015/01/20 2010735  ET FTP FTP PWD command attempt without login; [1,2
8,3322015/01/20 2010734  ET FTP FTP MKDIR command attempt without login; [1,2
8,3312015/01/20 2010733  ET FTP FTP RMDIR command attempt without login; [1,2
8,3302015/01/20 2010732  ET FTP FTP SITE command attempt without login; [1,2
8,3292015/01/20 2010731  ET FTP FTP CWD command attempt without login; [1,2
8,3282015/01/20 2010730  ET WEB_SERVER Possible Cisco ASA Appliance Clientless SSL VPN HTML Rewriting Security Bypass Attempt/Cross Site Scripting Attempt; [1,2,3,4
8,3272015/01/20 2010729  ET DELETED Zeus Bot / Zbot Checkin (/us01d/in.php); [1,2
8,3262015/01/20 2010728  ET WEB_SPECIFIC_APPS WordPress wp-admin/admin.php Module Configuration Security Bypass Attempt; [1,2
8,3252015/01/20 2010727  ET MALWARE User-Agent (Live Enterprise Suite); [1
8,3242015/01/20 2010726  ET ACTIVEX Adobe browser document ActiveX DoS Attempt; [1,2
8,3232015/01/20 2010725  ET POLICY ApacheBenchmark Tool User-Agent Detected; [1,2
8,3222015/01/20 2010724  ET TROJAN Oficla Russian Malware Bundle C&C instruction response; [1,2
8,3212015/01/20 2010723  ET TROJAN Oficla Russian Malware Bundle C&C instruction response with runurl; [1,2
8,3202015/01/20 2010722  ET USER_AGENTS Suspicious Non-Escaping backslash in User-Agent Inbound; [1,2,3
8,3192015/01/20 2010721  ET USER_AGENTS Suspicious Non-Escaping backslash in User-Agent Outbound; [1,2
8,3182015/01/20 2010720  ET WEB_SERVER PHP Scan Precursor; [1
8,3172015/01/20 2010719  ET WEB_SPECIFIC_APPS e107 CMS backdoor access, admin-access cookie and HTTP POST; [1,2,3
8,3162015/01/20 2010718  ET TROJAN Gootkit Checkin User-Agent (Gootkit HTTP Client); [1
8,3152015/01/20 2010717  ET MALWARE Suspicious User-Agent (FaceCooker); [1
8,3142015/01/20 2010716  ET DELETED Malwareurl - wywg executable download Likely Malware; [1,2
8,3132015/01/20 2010715  ET SCAN ZmEu exploit scanner; [1
8,3122015/01/20 2010714  ET WEB_SPECIFIC_APPS Joomla Foobla Suggestions Component idea_id UPDATE SET SQL Injection Attempt; [1
< 371  372  373  374  375  376  377  378  379  380 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.