시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
11,3612015/01/20 2014132  ET ACTIVEX HP Easy Printer Care Software XMLCacheMgr ActiveX Control Remote Code Execution Attempt;  
11,3602015/01/20 2014131  ET DELETED W32/Ramnit Initial CnC Connection; [1
11,3592015/01/20 2014130  ET POLICY Splashtop Remote Control Session Keepalive Response; [1
11,3582015/01/20 2014129  ET POLICY Splashtop Remote Control Session Keepalive; [1
11,3572015/01/20 2014128  ET POLICY Splashtop Remote Control Session Start Request; [1
11,3562015/01/20 2014127  ET POLICY Splashtop Remote Control Checkin; [1
11,3552015/01/20 2014126  ET CURRENT_EVENTS DRIVEBY Blackhole Likely Flash Exploit Request /field.swf;  
11,3542015/01/20 2014125  ET CURRENT_EVENTS DRIVEBY Blackhole - Help and Control Panel Exploit Request; [1
11,3532015/01/20 2014124  ET POLICY Softango.com Installer POSTing Data;  
11,3522015/01/20 2014123  ET POLICY Softango.com Installer Checking For Update;  
11,3512015/01/20 2014122  ET MALWARE W32/OpenCandy Adware Checkin;  
11,3502015/01/20 2014121  ET TROJAN Win32/Nuclear Checkin;  
11,3492015/01/20 2014120  ET MALWARE Win32/Eorezo-B Adware Checkin;  
11,3482015/01/20 2014119  ET TROJAN W32/Lici Initial Checkin;  
11,3472015/01/20 2014118  ET TROJAN Cythosia V2 DDoS WebPanel Hosted Locally; [1
11,3462015/01/20 2014117  ET TROJAN Trojan-Dropper.Win32.Dapato Checkin; [1,2
11,3452015/01/20 2014116  ET TROJAN Suspicious User-Agent build - possibly Delf/Troxen/Zema;  
11,3442015/01/20 2014115  ET TROJAN Delf/Troxen/Zema Reporting 2;  
11,3432015/01/20 2014114  ET TROJAN Delf/Troxen/Zema Reporting 1;  
11,3422015/01/20 2014113  ET TROJAN Win32-Dynamer.dtc Reporting; [1
11,3412015/01/20 2014112  ET TROJAN W32.Menti/TrojanClicker.Agent.NII Checkin; [1
11,3402015/01/20 2014111  ET TROJAN Win32.UFRStealer.A issuing MKD command FTP; [1
11,3392015/01/20 2014110  ET DELETED Backdoor.Win32.Gh0st.QQ Checkin 2; [1
11,3382015/01/20 2014109  ET DELETED Backdoor.Win32.Gh0st.QQ Checkin; [1
11,3372015/01/20 2014108  ET TROJAN PoisonIvy.Eu6 Keepalive to CnC;  
11,3362015/01/20 2014107  ET TROJAN Zeus POST Request to CnC - cookie variation; [1
11,3352015/01/20 2014106  ET DELETED Zeus POST Request to CnC - content-type variation;  
11,3342015/01/20 2014105  ET TROJAN Zeus Bot GET to Google checking Internet connectivity using proxy; [1,2
11,3332015/01/20 2014104  ET DELETED Zeus POST Request to CnC - content-type variation;  
11,3322015/01/20 2014103  ET WEB_SERVER Unusually Fast HTTP Requests With Referer Url Matching DoS Tool; [1
11,3312015/01/20 2014102  ET POLICY FACEBOOK user id in http_client_body, lookup with fb.com/profile.php?id=;  
11,3302015/01/20 2014101  ET TROJAN Blackshades Payload Download Command;  
11,3292015/01/20 2014100  ET WEB_SERVER ASP.NET Forms Authentication Bypass;  
11,3282015/01/20 2014099  ET TROJAN Exploit Kit Delivering Office File to Client;  
11,3272015/01/20 2014098  ET DELETED Excessive JavaScript replace /g - Exploit Kit Behavior Flowbit Set;  
11,3262015/01/20 2014097  ET CURRENT_EVENTS Excessive new Array With Newline - Exploit Kit Behavior Flowbit Set; [1
11,3252015/01/20 2014096  ET CURRENT_EVENTS Document.write Long Backslash UTF-16 Encoded Content - Exploit Kit Behavior Flowbit Set; [1
11,3242015/01/20 2014095  ET POLICY Kindle Fire Browser User-Agent Outbound; [1
11,3232015/01/20 2014094  ET CURRENT_EVENTS Blackhole-like Java Exploit request to .jar?t=;  
11,3222015/01/20 2014093  ET TROJAN Downloader.Win32.Nurech Checkin UA;  
11,3212015/01/20 2014092  ET POLICY Dyndns Client User-Agent;  
11,3202015/01/20 2014091  ET POLICY Dyndns Client IP Check;  
11,3192015/01/20 2014090  ET TROJAN Suspicious user agent (V32);  
11,3182015/01/20 2014088  ET WEB_SPECIFIC_APPS Mambo Zorder zorder Parameter DELETE FROM SQL Injection Vulnerability; [1
11,3172015/01/20 2014087  ET WEB_SPECIFIC_APPS Mambo Zorder zorder Parameter SELECT FROM SQL Injection Vulnerability; [1
11,3162015/01/20 2014086  ET WEB_SPECIFIC_APPS Planex Mini-300PU & Mini100s Cross-site Scripting Attempt; [1
11,3152015/01/20 2014085  ET TROJAN TROJAN Win32-WebSec Reporting; [1
11,3142015/01/20 2014084  ET TROJAN TROJAN Win32.OnlineGames.Bft Reporting; [1,2
11,3132015/01/20 2014083  ET TROJAN Trojan.Win32.A.FakeAV Reporting; [1
11,3122015/01/20 2014082  ET WEB_SPECIFIC_APPS SourceBans ajaxargs Parameter Local File Inclusion Attempt; [1
< 311  312  313  314  315  316  317  318  319  320 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.