시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
8,9112015/01/20 2011387  ET TROJAN indux.php check-in;  
8,9102015/01/20 2011385  ET WEB_SPECIFIC_APPS Joomla NoticeBoard Component controller Parameter Local File Inclusion Attempt; [1
8,9092015/01/20 2011384  ET WEB_SPECIFIC_APPS MAXcms fm_includes_special Parameter Remote File Inclusion Attempt; [1,2
8,9082015/01/20 2011383  ET WEB_SPECIFIC_APPS CSSTidy css_optimiser.php url Parameter Cross Site Scripting Attempt; [1,2
8,9072015/01/20 2011382  ET WEB_SPECIFIC_APPS iScripts MultiCart orderid Parameter UPDATE SET SQL Injection Attempt;  
8,9062015/01/20 2011381  ET WEB_SPECIFIC_APPS iScripts MultiCart orderid Parameter INSERT INTO SQL Injection Attempt;  
8,9052015/01/20 2011380  ET WEB_SPECIFIC_APPS iScripts MultiCart orderid Parameter UNION SELECT SQL Injection Attempt;  
8,9042015/01/20 2011378  ET WEB_SPECIFIC_APPS iScripts MultiCart orderid Parameter SELECT FROM SQL Injection Attempt;  
8,9032015/01/20 2011377  ET WEB_SPECIFIC_APPS SaurusCMS com_del.php class_path Parameter Remote File Inclusion Attempt; [1
8,9022015/01/20 2011375  ET POLICY HTTP Request to a *.cz.cc domain;  
8,9012015/01/20 2011374  ET POLICY HTTP Request to a *.co.cc domain;  
8,9002015/01/20 2011373  ET DELETED FakeAV client requesting fake scanner page;  
8,8992015/01/20 2011371  ET TROJAN Stupid Stealer C&C Communication (2); [1
8,8982015/01/20 2011370  ET TROJAN Stupid Stealer C&C Communication (1); [1
8,8972015/01/20 2011369  ET DELETED DRIVEBY phoenix exploit kit landing page;  
8,8962015/01/20 2011368  ET SCAN Malformed Packet SYN RST;  
8,8952015/01/20 2011367  ET SCAN Malformed Packet SYN FIN;  
8,8942015/01/20 2011366  ET WEB_CLIENT Possible Apple Quicktime Invalid SMIL URI Buffer Overflow Attempt; [1
8,8932015/01/20 2011365  ET TROJAN Sinowal/sinonet/mebroot/Torpig infected host checkin;  
8,8922015/01/20 2011364  ET TROJAN Sinowal/sinonet/mebroot/Torpig infected host POSTing process list;  
8,8912015/01/20 2011362  ET WEB_SERVER ColdFusion Path Traversal (locale 5/5); [1,2,3
8,8902015/01/20 2011360  ET WEB_SERVER ColdFusion Path Traversal (locale 3/5); [1,2,3
8,8892015/01/20 2011359  ET WEB_SERVER ColdFusion Path Traversal (locale 2/5); [1,2,3
8,8882015/01/20 2011358  ET WEB_SERVER ColdFusion Path Traversal (locale 1/5); [1,2,3
8,8872015/01/20 2011357  ET TROJAN FakeAV SetupSecure Download Attempt SetupSecure; [1
8,8862015/01/20 2011355  ET CURRENT_EVENTS Driveby bredolab hidden div served by nginx;  
8,8852015/01/20 2011354  ET DELETED Driveby bredolab request to a .ru 8080 URI;  
8,8842015/01/20 2011353  ET DELETED Driveby bredolab jquery.jxx;  
8,8832015/01/20 2011351  ET DELETED Driveby bredolab server response contains .ru 8080/index.php?;  
8,8822015/01/20 2011350  ET CURRENT_EVENTS DRIVEBY SEO Exploit Kit request for Java and PDF exploits;  
8,8812015/01/20 2011349  ET CURRENT_EVENTS DRIVEBY SEO Exploit Kit request for Java exploit;  
8,8802015/01/20 2011348  ET CURRENT_EVENTS DRIVEBY SEO Exploit Kit request for PDF exploit;  
8,8792015/01/20 2011347  ET WEB_CLIENT Possible String.FromCharCode Javascript Obfuscation Attempt; [1,2,3,4
8,8782015/01/20 2011346  ET SHELLCODE Possible Unescape %u Shellcode/Heap Spray; [1,2,3,4,5
8,8772015/01/20 2011345  ET DELETED Possible Zeus Version 3 Infection Posting Banking HTTP Log to Command and Control Server; [1,2,3
8,8762015/01/20 2011344  ET DELETED POST to /x48/x58/ Possible Zeus Version 3 Command and Control Server Traffic; [1,2,3
8,8752015/01/20 2011343  ET WEB_CLIENT FakeAV scanner page encountered Initializing Virus Protection System;  
8,8742015/01/20 2011342  ET DELETED Malvertising DRIVEBY Fragus Admin Panel Delivered To Client;  
8,8732015/01/20 2011341  ET TROJAN Suspicious POST to WINDOWS Folder Possible Malware Infection;  
8,8722015/01/20 2011339  ET DELETED PHARMSPAM image requested layout viagra_super_active.jpg;  
8,8712015/01/20 2011338  ET TROJAN Sality Variant Downloader Activity (3); [1
8,8702015/01/20 2011337  ET TROJAN Sality Variant Downloader Activity (2); [1,2
8,8692015/01/20 2011336  ET TROJAN Sality Variant Downloader Activity; [1,2
8,8682015/01/20 2011335  ET TROJAN Sality Variant Checkin Activity; [1,2
8,8672015/01/20 2011334  ET MALWARE User-Agent (C\\WINDOWS\\system32\\NetLogom.exe);  
8,8662015/01/20 2011330  ET DELETED DRIVEBY Fragus - landing page delivered;  
8,8652015/01/20 2011329  ET WEB_CLIENT Possible PDF Launch Function Remote Code Execution Attempt with Name Representation Obfuscation; [1,2,3,4,5,6,7,8
8,8642015/01/20 2011328  ET EXPLOIT HP OpenView Network Node Manager OvJavaLocale Cookie Value Buffer Overflow Attempt; [1
8,8632015/01/20 2011326  ET DELETED NewGames.jar Download Suspicious Possible Exploit Attempt;  
8,8622015/01/20 2011325  ET DELETED Notes1.pdf Download Suspicious Possible Exploit Attempt;  
< 361  362  363  364  365  366  367  368  369  370 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.