시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
11,6112015/01/20 2014384  ET DOS Microsoft Remote Desktop (RDP) Syn then Reset 30 Second DoS Attempt;  
11,6102015/01/20 2014383  ET EXPLOIT Microsoft RDP Server targetParams Exploit Attempt; [1
11,6092015/01/20 2014382  ET POLICY HTTP OPTIONS invalid method case outbound; [1
11,6082015/01/20 2014381  ET POLICY HTTP HEAD invalid method case outbound; [1
11,6072015/01/20 2014380  ET POLICY HTTP POST invalid method case outbound; [1
11,6062015/01/20 2014379  ET POLICY HTTP GET invalid method case outbound; [1
11,6052015/01/20 2014378  ET CURRENT_EVENTS Blackhole/Cutwail Redirection Page 1;  
11,6042015/01/20 2014377  ET DELETED Cutwail Landing Page WAIT PLEASE;  
11,6032015/01/20 2014376  ET TROJAN Possible Zeus .ru CnC Domain Generation Algorithm (DGA) Lookup Detected;  
11,6022015/01/20 2014375  ET DELETED Possible Zeus .biz CnC Domain Generation Algorithm (DGA) Lookup NXDOMAIN Response;  
11,6012015/01/20 2014374  ET DELETED Possible Zeus .info CnC Domain Generation Algorithm (DGA) Lookup NXDOMAIN Response;  
11,6002015/01/20 2014373  ET DELETED Possible Zeus .ru CnC Domain Generation Algorithm (DGA) Lookup NXDOMAIN Response;  
11,5992015/01/20 2014372  ET TROJAN Possible Kelihos .eu CnC Domain Generation Algorithm (DGA) Lookup NXDOMAIN Response;  
11,5982015/01/20 2014371  ET DELETED Possible Kelihos .eu CnC Domain Generation Algorithm (DGA) Lookup Detected;  
11,5972015/01/20 2014370  ET TROJAN W32/GamesForum.InfoStealer Reporting to CnC;  
11,5962015/01/20 2014369  ET DELETED Blackhole Landing with prototype catch;  
11,5952015/01/20 2014368  ET CURRENT_EVENTS Blackhole qwe123 PDF;  
11,5942015/01/20 2014367  ET DELETED Banload Trojan Downloader Dropped Binary;  
11,5932015/01/20 2014366  ET TROJAN Suspicious User-Agent Post;  
11,5922015/01/20 2014365  ET TROJAN Backdoor.Graybird Checkin;  
11,5912015/01/20 2014364  ET TROJAN W32.Blocker Checkin;  
11,5902015/01/20 2014363  ET TROJAN Lookup of Algorithm Generated Zeus CnC Domain (DGA);  
11,5892015/01/20 2014362  ET CURRENT_EVENTS Likely Scalaxy Exploit Kit URL template download;  
11,5882015/01/20 2014361  ET TROJAN Win32/Protux.B Download Update;  
11,5872015/01/20 2014360  ET TROJAN Win32/Protux.B POST checkin;  
11,5862015/01/20 2014359  ET POLICY DNSWatch.info IP Check;  
11,5852015/01/20 2014358  ET TROJAN Backdoor.Win32.Riern.K Checkin Off Port;  
11,5842015/01/20 2014357  ET TROJAN W32/Kazy Checkin;  
11,5832015/01/20 2014356  ET TROJAN W32/ProxyChanger.InfoStealer Checkin;  
11,5822015/01/20 2014355  ET MALWARE W32/SoftonicDownloader.Adware User Agent;  
11,5812015/01/20 2014354  ET TROJAN W32/SCKeyLog.InfoStealer Installation Confirmation Via SMTP; [1
11,5802015/01/20 2014353  ET MALWARE W32/MediaGet.Adware Installer Download; [1
11,5792015/01/20 2014352  ET WEB_SERVER Possible SQL Injection Attempt char() Danmec related;  
11,5782015/01/20 2014351  ET DELETED RevProxy CnC List Request;  
11,5772015/01/20 2014350  ET DELETED RevProxy ClientPing;  
11,5762015/01/20 2014349  ET DELETED RevProxy ServerRespone;  
11,5752015/01/20 2014348  ET TROJAN RevProxy ClientHello;  
11,5742015/01/20 2014347  ET TROJAN Peed Checkin;  
11,5732015/01/20 2014346  ET CURRENT_EVENTS INBOUND Blackhole Java Exploit request similar to /content/jav.jar;  
11,5722015/01/20 2014345  ET POLICY Suspicious User Agent UpdateSoft;  
11,5712015/01/20 2014344  ET TROJAN W32/Coced.PasswordStealer User-Agent 5.0;  
11,5702015/01/20 2014343  ET TROJAN SMTP Subject Line Contains C Path and EXE Possible Trojan Reporting Execution Path/Binary Name;  
11,5692015/01/20 2014342  ET POLICY Snadboy.com Products User-Agent;  
11,5682015/01/20 2014341  ET POLICY Installshield One Click Install User-Agent Toys File;  
11,5672015/01/20 2014340  ET MALWARE W32/GameVance Adware User Agent; [1
11,5662015/01/20 2014339  ET MALWARE W32/GameVance Adware Checkin; [1
11,5652015/01/20 2014338  ET CURRENT_EVENTS RougeAV Wordpress Injection Campaign Compromised Page Served From Local Compromised Server; [1
11,5642015/01/20 2014337  ET CURRENT_EVENTS RogueAV Wordpress Injection Campaign Compromised Page Served to Local Client; [1
11,5632015/01/20 2014336  ET TROJAN Yayih.A Checkin; [1
11,5622015/01/20 2014335  ET WEB_CLIENT Adobe Flash Player Malformed MP4 Remote Code Execution Attempt; [1
< 311  312  313  314  315  316  317  318  319  320 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.