시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
11,5612015/01/20 2014334  ET CURRENT_EVENTS Compromised Wordpress Redirect; [1
11,5602015/01/20 2014333  ET DELETED OSX/Flashback Checkin via Twitter Hashtag Pepbyfadxeoa; [1
11,5592015/01/20 2014332  ET POLICY Coral Web Proxy/Content Distribution Net Use; [1
11,5582015/01/20 2014331  ET TROJAN Trojan.Win32.Genome.aetqe Checkin;  
11,5572015/01/20 2014330  ET TROJAN Kelihos/Hlux GET jucheck.exe from CnC; [1
11,5562015/01/20 2014329  ET WEB_SPECIFIC_APPS Snipsnap search Cross Site Scripting Attempt; [1
11,5552015/01/20 2014328  ET WEB_SPECIFIC_APPS Joomla com_boss controller Local File Inclusion Attempt; [1
11,5542015/01/20 2014327  ET WEB_SPECIFIC_APPS starCMS q parameter Cross Site Scripting Attempt; [1
11,5532015/01/20 2014326  ET ACTIVEX ASUS Net4Switch ActiveX CxDbgPrint Format String Function Call Attempt; [1
11,5522015/01/20 2014325  ET ACTIVEX ASUS Net4Switch ipswcom.dll ActiveX Stack Buffer Overflow; [1
11,5512015/01/20 2014324  ET WEB_SPECIFIC_APPS Fork-CMS js.php module parameter Local File Inclusion Attempt; [1
11,5502015/01/20 2014323  ET WEB_SPECIFIC_APPS Joomla com_bch controller Local File Inclusion Attempt; [1
11,5492015/01/20 2014322  ET WEB_SPECIFIC_APPS b2evolution skins_path Parameter Remote File inclusion Attempt; [1
11,5482015/01/20 2014321  ET WEB_SPECIFIC_APPS b2evolution inc_path Parameter Remote File inclusion Attempt; [1
11,5472015/01/20 2014320  ET WEB_SPECIFIC_APPS ButorWiki service Parameter Cross Site Scripting Attempt; [1
11,5462015/01/20 2014319  ET CURRENT_EVENTS Dadong Java Exploit Requested;  
11,5452015/01/20 2014318  ET CURRENT_EVENTS Clickpayz redirection to *.clickpayz.com;  
11,5442015/01/20 2014317  ET TROJAN ZeuS Clickfraud List Delivered To Client;  
11,5432015/01/20 2014316  ET CURRENT_EVENTS DRIVEBY Incognito libtiff PDF Exploit Recieved;  
11,5422015/01/20 2014315  ET CURRENT_EVENTS DRIVEBY Incognito libtiff PDF Exploit Requested;  
11,5412015/01/20 2014314  ET CURRENT_EVENTS DRIVEBY Incognito Payload Download /load/*exe;  
11,5402015/01/20 2014313  ET POLICY Executable Download From DropBox;  
11,5392015/01/20 2014312  ET TROJAN W32/NSIS.TrojanDownloader Second Stage Download Instructions from Server;  
11,5382015/01/20 2014310  ET TROJAN RegSubsDat Checkin; [1
11,5372015/01/20 2014309  ET TROJAN W32/LockScreen Scareware Geolocation Request; [1,2
11,5362015/01/20 2014308  ET CURRENT_EVENTS Obfuscated Content Using Dadongs JSXX 0.41 VIP Obfuscation Script; [1
11,5352015/01/20 2014307  ET TROJAN W32/SelfStarterInternet.InfoStealer Checkin;  
11,5342015/01/20 2014306  ET TROJAN W32/Backdoor.BlackMonay Checkin;  
11,5332015/01/20 2014305  ET TROJAN W32/TCYWin.Downloader User-Agent;  
11,5322015/01/20 2014304  ET POLICY External IP Lookup Attempt To Wipmania;  
11,5312015/01/20 2014303  ET TROJAN W32/Koobface Variant Checkin Attempt;  
11,5302015/01/20 2014302  ET TROJAN Suspicious HTTP Referer C Drive Path;  
11,5292015/01/20 2014301  ET CURRENT_EVENTS DRIVEBY Blackhole - Payload Download - readme.exe;  
11,5282015/01/20 2014300  ET TROJAN Win32/Kryptik.ABUD Checkin;  
11,5272015/01/20 2014299  ET DELETED Blackhole Java Exploit request to /content/viewer.jar;  
11,5262015/01/20 2014298  ET CURRENT_EVENTS Blackhole obfuscated Javascript 171 charcodes >= 48;  
11,5252015/01/20 2014297  ET POLICY Vulnerable Java Version 1.7.x Detected; [1,2
11,5242015/01/20 2014296  ET WEB_SERVER eval/base64_decode Exploit Attempt Inbound;  
11,5232015/01/20 2014295  ET CURRENT_EVENTS DRIVEBY Java Atomic Exploit Downloaded;  
11,5222015/01/20 2014294  ET CURRENT_EVENTS High Probability Blackhole Landing with catch qq;  
11,5212015/01/20 2014293  ET TROJAN Smart Fortress FakeAV/Kryptik.ABNC Checkin; [1
11,5202015/01/20 2014292  ET POLICY External IP Lookup;  
11,5192015/01/20 2014291  ET DELETED W32/Backdoor.Kbot Config Retrieval;  
11,5182015/01/20 2014290  ET TROJAN Backdoor.Win32.PEx.942728546 Checkin; [1
11,5172015/01/20 2014289  ET INFO HTTP Request to a 3322.org.cn Domain;  
11,5162015/01/20 2014288  ET TROJAN Java Archive sent when remote host claims to send an image;  
11,5152015/01/20 2014287  ET MALWARE Carder Card Checking Tool try2check.me SSL Certificate on Off Port;  
11,5142015/01/20 2014286  ET MALWARE Carder Card Checking Tool try2check.me SSL Certificate;  
11,5132015/01/20 2014285  ET DNS DNS Query for Suspicious .ch.vu Domain; [1
11,5122015/01/20 2014284  ET CURRENT_EVENTS Blackhole Exploit Pack HCP exploit 4;  
< 311  312  313  314  315  316  317  318  319  320 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.