시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
11,2612015/01/20 2014031  ET CURRENT_EVENTS DRIVEBY Generic Java Rhino Scripting Engine Exploit Previously Requested com.class;  
11,2602015/01/20 2014030  ET POLICY Rebate Informer User-Agent (REBATEINF); [1
11,2592015/01/20 2014029  ET TROJAN Agent.UGP!tr/Cryptor/Graftor Dropper Requesting exe;  
11,2582015/01/20 2014028  ET TROJAN Likely CryptMEN FakeAV Download vclean;  
11,2572015/01/20 2014027  ET CURRENT_EVENTS Obfuscated Base64 in Javascript probably Scalaxy exploit kit;  
11,2562015/01/20 2014026  ET DELETED Scalaxy exploit kit binary download request;  
11,2552015/01/20 2014025  ET CURRENT_EVENTS Probable Scalaxy exploit kit Java or PDF exploit request;  
11,2542015/01/20 2014024  ET CURRENT_EVENTS Probable Scalaxy exploit kit secondary request;  
11,2532015/01/20 2014023  ET TROJAN Gootkit Scanner User-Agent Outbound;  
11,2522015/01/20 2014022  ET SCAN Gootkit Scanner User-Agent Inbound;  
11,2512015/01/20 2014021  ET TROJAN Gootkit Checkin User-Agent 2;  
11,2502015/01/20 2014020  ET WEB_SERVER Wordpress Login Bruteforcing Detected;  
11,2492015/01/20 2014019  ET DELETED Kargany Loader Obfuscated Payload Download;  
11,2482015/01/20 2014018  ET WEB_SERVER JBoss jmx-console Access Control Bypass Attempt;  
11,2472015/01/20 2014017  ET WEB_SERVER JBoss jmx-console Probe;  
11,2462015/01/20 2014015  ET DELETED TROJAN LDPinch Loader Binary Request;  
11,2452015/01/20 2014014  ET TROJAN Zeus Checkin Header Pattern;  
11,2442015/01/20 2014012  ET TROJAN Smokeloader getload Command; [1,2
11,2432015/01/20 2014011  ET TROJAN Smokeloader getsock Command;  
11,2422015/01/20 2014010  ET TROJAN Smokeloader getproxy Command;  
11,2412015/01/20 2014009  ET TROJAN Smokeloader getgrab Command;  
11,2402015/01/20 2014008  ET TROJAN Backdoor.Win32.Sykipot Get Config Request; [1,2
11,2392015/01/20 2014007  ET TROJAN Backdoor.Win32.Sykipot Put; [1,2
11,2382015/01/20 2014006  ET TROJAN Backdoor.Win32.Sykipot Checkin; [1,2
11,2372015/01/20 2014005  ET DELETED DNS Query for Sykipot C&C www.prettylikeher.com; [1
11,2362015/01/20 2014004  ET MALWARE Win32/SWInformer.B Checkin; [1
11,2352015/01/20 2014003  ET TROJAN VBKrypt.dytr Checkin; [1
11,2342015/01/20 2014002  ET TROJAN Fake Variation of Mozilla 4.0 - Likely Trojan;  
11,2332015/01/20 2014001  ET USER_AGENTS W32/Kazy User-Agent (Windows NT 5.1 \; v.) space infront of semi-colon;  
11,2322015/01/20 2013999  ET MALWARE W32/Adware.Ibryte User-Agent (ic Windows NT 5.1 MSIE 6.0 Firefox/ Def);  
11,2312015/01/20 2013998  ET TROJAN W32/Jorik DDOS Instructions From CnC Server;  
11,2302015/01/20 2013997  ET CURRENT_EVENTS Adobe PDF Universal 3D file corrupted download 2; [1
11,2292015/01/20 2013996  ET CURRENT_EVENTS Adobe PDF Universal 3D file corrupted download 1; [1
11,2282015/01/20 2013995  ET WEB_CLIENT PDF With Embedded U3D; [1
11,2272015/01/20 2013994  ET DELETED LDPinch Loader Binary Request;  
11,2262015/01/20 2013993  ET WEB_SPECIFIC_APPS Cacti Input Validation Attack 2; [1,2,3
11,2252015/01/20 2013992  ET CURRENT_EVENTS Blackhole hostile PDF v2;  
11,2242015/01/20 2013991  ET CURRENT_EVENTS Blackhole hostile PDF v1;  
11,2232015/01/20 2013990  ET CURRENT_EVENTS Blackhole Exploit Kit hostile PDF qwe123;  
11,2222015/01/20 2013989  ET WEB_SPECIFIC_APPS Joomla component img Local File Inclusion Attempt; [1
11,2212015/01/20 2013988  ET WEB_SPECIFIC_APPS Zabbix popup.php INSERT INTO SQL Injection Vulnerability; [1
11,2202015/01/20 2013987  ET WEB_SPECIFIC_APPS Zabbix popup.php UPDATE SET SQL Injection Vulnerability; [1
11,2192015/01/20 2013986  ET WEB_SPECIFIC_APPS Zabbix popup.php UNION SELECT SQL Injection Vulnerability; [1
11,2182015/01/20 2013985  ET WEB_SPECIFIC_APPS Zabbix popup.php DELETE FROM SQL Injection Vulnerability; [1
11,2172015/01/20 2013984  ET WEB_SPECIFIC_APPS Zabbix popup.php SELECT FROM SQL Injection Vulnerability; [1
11,2162015/01/20 2013983  ET MALWARE Adware-Win32/EoRezo Reporting; [1
11,2152015/01/20 2013982  ET WEB_SPECIFIC_APPS Web File Browser file Parameter Local File Inclusion Attempt; [1
11,2142015/01/20 2013981  ET WEB_SPECIFIC_APPS Orbis editor-body.php script Cross Site Scripting Attempt; [1
11,2132015/01/20 2013980  ET WEB_SPECIFIC_APPS Tinderbox.mozilla.org showbuilds.cgi Cross Site Scripting Attempt; [1
11,2122015/01/20 2013979  ET CURRENT_EVENTS Lilupophilupop Injected Script Being Served from Local Server;  
< 311  312  313  314  315  316  317  318  319  320 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.