시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
9,0612015/01/20 2011584  ET POLICY Vulnerable Java Version 1.4.x Detected; [1
9,0602015/01/20 2011583  ET CURRENT_EVENTS Neosploit Exploit Pack Activity Observed; [1,2,3
9,0592015/01/20 2011582  ET POLICY Vulnerable Java Version 1.6.x Detected; [1,2
9,0582015/01/20 2011581  ET POLICY Vulnerable Java Version 1.5.x Detected; [1
9,0572015/01/20 2011579  ET POLICY route1.com SSL certificate for remote access detected;  
9,0562015/01/20 2011578  ET TROJAN DNSTrojan FakeAV Dropper Activity Observed (2); [1,2,3,4
9,0552015/01/20 2011577  ET TROJAN DNSTrojan FakeAV Dropper Activity Observed (1); [1,2,3,4
9,0542015/01/20 2011576  ET TROJAN nte Binary Download Attempt (multiple malware variants served); [1,2
9,0532015/01/20 2011575  ET WEB_CLIENT Adobe Acrobat newfunction Remote Code Execution Attempt; [1,2
9,0522015/01/20 2011574  ET WEB_SPECIFIC_APPS Plogger phpThumb.php w Parameter Remote File Disclosure Attempt; [1
9,0512015/01/20 2011573  ET WEB_SPECIFIC_APPS Plogger phpThumb.php src Parameter Remote File Disclosure Attempt; [1
9,0502015/01/20 2011572  ET WEB_SPECIFIC_APPS Plogger phpThumb.php h Parameter Remote File Disclosure Attempt; [1
9,0492015/01/20 2011571  ET WEB_SPECIFIC_APPS Euchia CMS catalogo.php id_livello Parameter Cross Site Scripting Attempt; [1
9,0482015/01/20 2011566  ET WEB_SPECIFIC_APPS Easypush Server Manager addressbook.cgi page Parameter Cross Site Scripting Attempt; [1
9,0472015/01/20 2011565  ET WEB_SPECIFIC_APPS Dompdf dompdf.php input_file Parameter Remote File Inclusion Attempt; [1
9,0462015/01/20 2011564  ET WEB_SPECIFIC_APPS PHP Classifieds class.phpmailer.php lang_path Parameter Remote File Inclusion Attempt; [1
9,0452015/01/20 2011563  ET WEB_SPECIFIC_APPS DynPage dynpage_load.php file Parameter Local File Inclusion Attempt; [1
9,0442015/01/20 2011562  ET WEB_SPECIFIC_APPS PithCMS oldnews_reader.php lang Parameter Local File Inclusion Attempt; [1
9,0432015/01/20 2011561  ET WEB_SPECIFIC_APPS Joomla com_zoomportfolio component DELETE FROM SQL Injection Attempt; [1,2
9,0422015/01/20 2011560  ET WEB_SPECIFIC_APPS Joomla com_zoomportfolio component SELECT FROM SQL Injection Attempt; [1,2
9,0412015/01/20 2011559  ET WEB_SPECIFIC_APPS Joomla com_zoomportfolio component UPDATE SET SQL Injection Attempt; [1,2
9,0402015/01/20 2011558  ET WEB_SPECIFIC_APPS Joomla com_zoomportfolio component INSERT INTO SQL Injection Attempt; [1,2
9,0392015/01/20 2011557  ET WEB_SPECIFIC_APPS Joomla com_zoomportfolio component UNION SELECT SQL Injection Attempt; [1,2
9,0382015/01/20 2011556  ET DELETED ClearSite device_admin.php cs_base_path Parameter Remote File Inclusion Attempt; [1
9,0372015/01/20 2011555  ET WEB_SPECIFIC_APPS SnortReport nmap.php target Parameter Arbitrary Command Execution Attempt; [1
9,0362015/01/20 2011554  ET WEB_SPECIFIC_APPS Joomla Component com_jphone Local File Inclusion Attempt; [1
9,0352015/01/20 2011553  ET WEB_SPECIFIC_APPS FCMS settings.php current_user_id Parameter Remote File Inclusion Attempt; [1
9,0342015/01/20 2011552  ET WEB_SPECIFIC_APPS FCMS familynews.php current_user_id Parameter Remote File Inclusion Attempt; [1
9,0332015/01/20 2011547  ET WEB_SPECIFIC_APPS AlstraSoft AskMe que_id Parameter SELECT FROM SQL Injection Attempt; [1
9,0322015/01/20 2011546  ET DELETED FAKEAV client requesting fake scanner page;  
9,0312015/01/20 2011545  ET DELETED Possible Client requesting fake scanner page /scan/?key=;  
9,0302015/01/20 2011544  ET TROJAN JAR Download From Crimepack Exploit Kit; [1,2,3
9,0292015/01/20 2011543  ET WEB_CLIENT Adobe Shockwave Director tSAC Chunk memory corruption Attempt; [1
9,0282015/01/20 2011542  ET POLICY OpenSSL Demo CA - Cryptsoft Pty (O);  
9,0272015/01/20 2011541  ET POLICY OpenSSL Demo CA - Cryptsoft Pty (CN);  
9,0262015/01/20 2011540  ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O);  
9,0252015/01/20 2011539  ET POLICY OpenSSL Demo CA - Internet Widgits Pty (CN);  
9,0242015/01/20 2011538  ET WEB_CLIENT Firefox Plugin Parameter EnsureCachedAttrParamArrays Remote Code Execution Attempt; [1,2
9,0232015/01/20 2011537  ET WEB_CLIENT PDF Name Representation Obfuscation of OpenAction; [1
9,0222015/01/20 2011536  ET WEB_CLIENT PDF Name Representation Obfuscation of Pages; [1
9,0212015/01/20 2011535  ET WEB_CLIENT PDF Name Representation Obfuscation of JS; [1
9,0202015/01/20 2011534  ET DELETED PDF Name Representation Obfuscation of JBIG2Decode, Very Likely Memory Corruption Attempt; [1,2
9,0192015/01/20 2011533  ET WEB_CLIENT PDF Name Representation Obfuscation of URL; [1
9,0182015/01/20 2011532  ET WEB_CLIENT PDF Name Representation Obfuscation of Javascript; [1
9,0172015/01/20 2011531  ET WEB_CLIENT PDF Name Representation Obfuscation of Type; [1
9,0162015/01/20 2011530  ET WEB_CLIENT PDF Name Representation Obfuscation of EmbeddedFile; [1
9,0152015/01/20 2011529  ET WEB_CLIENT PDF Name Representation Obfuscation of Action; [1
9,0142015/01/20 2011528  ET WEB_CLIENT PDF Name Representation Obfuscation of /Subtype; [1
9,0132015/01/20 2011527  ET NETBIOS windows recycler .exe request - suspicious; [1,2
9,0122015/01/20 2011526  ET NETBIOS windows recycler request - suspicious; [1,2,3,4
< 361  362  363  364  365  366  367  368  369  370 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.