시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
12,0612015/01/20 2014872  ET TROJAN Self Signed SSL Certificate (John Doe);  
12,0602015/01/20 2014871  ET TROJAN Self Signed SSL Certificate (Reaserch);  
12,0592015/01/20 2014870  ET CURRENT_EVENTS SN and CN From MS TS Revoked Cert Chain Seen; [1,2,3
12,0582015/01/20 2014869  ET SCAN Arachni Scanner Web Scan; [1,2
12,0572015/01/20 2014868  ET INFO DYNAMIC_DNS Query to dns-stuff.com Domain *.dns-stuff.com;  
12,0562015/01/20 2014867  ET INFO DYNAMIC_DNS HTTP Request to a dns-stuff.com Domain *.dns-stuff.com;  
12,0552015/01/20 2014866  ET CURRENT_EVENTS Redirect to driveby sid=mix;  
12,0542015/01/20 2014865  ET WEB_CLIENT MP4 Embedded in PDF File - Potential Flash Exploit; [1
12,0532015/01/20 2014864  ET TROJAN W32.Gimemo/Aldibot CnC POST; [1
12,0522015/01/20 2014863  ET DELETED W32.Tinba/Zusy Banking Trojan Hardcoded CnC Domain Request - d4ak4otavolandos.com; [1
12,0512015/01/20 2014862  ET DELETED W32.Tinba/Zusy Banking Trojan Hardcoded CnC Domain Request - d3akotav33olandos.com; [1
12,0502015/01/20 2014861  ET DELETED W32.Tinba/Zusy Banking Trojan Hardcoded CnC Domain Request - dako22tavol2andos.com; [1
12,0492015/01/20 2014860  ET DELETED W32.Tinba/Zusy Banking Trojan Hardcoded CnC Domain Request - dak1otavola1ndos.com; [1
12,0482015/01/20 2014859  ET DELETED W32.Tinba/Zusy Banking Trojan Hardcoded CnC Domain Request - dakotavolandos.com; [1
12,0472015/01/20 2014858  ET CURRENT_EVENTS Blackhole Fraudulent Paypal Mailing Server Response June 04 2012;  
12,0462015/01/20 2014857  ET TROJAN FakeAvCn-A Checkin 3;  
12,0452015/01/20 2014856  ET TROJAN FakeAvCn-A Checkin 2;  
12,0442015/01/20 2014855  ET TROJAN FakeAvCn-A Checkin 1;  
12,0432015/01/20 2014854  ET CURRENT_EVENTS Likely TDS redirecting to exploit kit;  
12,0422015/01/20 2014853  ET CURRENT_EVENTS Sakura Exploit Kit Version 1.1 Applet Value lxxt; [1
12,0412015/01/20 2014852  ET CURRENT_EVENTS Possible Sakura Exploit Kit Version 1.1 document.write Fake 404 - Landing Page; [1
12,0402015/01/20 2014851  ET CURRENT_EVENTS Sakura Exploit Kit Version 1.1 Archive Request; [1
12,0392015/01/20 2014850  ET TROJAN Flamer WuSetupV module traffic 2;  
12,0382015/01/20 2014849  ET TROJAN Flamer WuSetupV module traffic 1;  
12,0372015/01/20 2014848  ET CURRENT_EVENTS webshell used In timthumb attacks GIF98a 16129xX with PHP; [1
12,0362015/01/20 2014847  ET CURRENT_EVENTS php with eval/gzinflate/base64_decode possible webshell; [1
12,0352015/01/20 2014846  ET CURRENT_EVENTS Wordpress timthumb look-alike domain list RFI; [1
12,0342015/01/20 2014845  ET DELETED Probable Golfhole exploit kit binary download #2;  
12,0332015/01/20 2014844  ET DELETED Probable Golfhole exploit kit landing page #2;  
12,0322015/01/20 2014843  ET TROJAN Blackhole Exploit Kit Request tkr;  
12,0312015/01/20 2014842  ET TROJAN Blackhole Loading Gif Inline Image;  
12,0302015/01/20 2014841  ET TROJAN Possible Feodo/Cridex Traffic Detected;  
12,0292015/01/20 2014840  ET WEB_SPECIFIC_APPS Exponent file parameter Local File Inclusion Attempt; [1
12,0282015/01/20 2014839  ET WEB_SPECIFIC_APPS WordPress PDF and Print Button Joliprint plugin opt parameter Cross-Site Scripting Attempt; [1
12,0272015/01/20 2014838  ET WEB_SPECIFIC_APPS WordPress PDF and Print Button Joliprint plugin type parameter Cross-Site Scripting Attempt; [1
12,0262015/01/20 2014837  ET WEB_SPECIFIC_APPS Joomla Jotloader component section parameter Local File Inclusion Attempt; [1
12,0252015/01/20 2014836  ET WEB_SPECIFIC_APPS DynPG CMS PathToRoot Parameter Remote File inclusion Attempt; [1
12,0242015/01/20 2014835  ET ACTIVEX Possible SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX Control Install3rdPartyComponent Method Buffer Overflow; [1
12,0232015/01/20 2014834  ET ACTIVEX Possible LEADTOOLS ActiveX Raster Twain AppName Method Access Buffer Overflow 2; [1
12,0222015/01/20 2014833  ET ACTIVEX Possible LEADTOOLS ActiveX Raster Twain AppName Method Access Buffer Overflow; [1
12,0212015/01/20 2014832  ET ACTIVEX Possible Wireless Manager Sony VAIO ConnectToNetwork Method Access Buffer Overflow; [1
12,0202015/01/20 2014831  ET ACTIVEX Possible Wireless Manager Sony VAIO SetTmpProfileOption Method Access Buffer Overflow; [1
12,0192015/01/20 2014830  ET CURRENT_EVENTS Redkit Java Exploit request to .class file;  
12,0182015/01/20 2014829  ET CURRENT_EVENTS Post Express Spam Inbound;  
12,0172015/01/20 2014828  ET CURRENT_EVENTS UPS Spam Inbound;  
12,0162015/01/20 2014827  ET CURRENT_EVENTS FedEX Spam Inbound;  
12,0152015/01/20 2014826  ET TROJAN Virus.Win32.Sality.aa Checkin;  
12,0142015/01/20 2014825  ET CURRENT_EVENTS Blackhole Landing Page Script Profile ASD;  
12,0132015/01/20 2014824  ET DELETED Redkit Java Exploit request to b.class;  
12,0122015/01/20 2014823  ET CURRENT_EVENTS Blackhole Malicious PDF asdvsa;  
< 301  302  303  304  305  306  307  308  309  310 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.