시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
8,2612015/01/20 2010656  ET WEB_SPECIFIC_APPS OSSIM repository_attachment.php UPDATE SET SQL Injection Attempt; [1,2
8,2602015/01/20 2010655  ET WEB_SPECIFIC_APPS OSSIM repository_attachment.php INSERT INTO SQL Injection Attempt; [1,2
8,2592015/01/20 2010654  ET WEB_SPECIFIC_APPS OSSIM repository_attachment.php UNION SELECT SQL Injection Attempt; [1,2
8,2582015/01/20 2010653  ET WEB_SPECIFIC_APPS OSSIM repository_attachment.php DELETE FROM SQL Injection Attempt; [1,2
8,2572015/01/20 2010652  ET WEB_SPECIFIC_APPS OSSIM repository_attachment.php SELECT FROM SQL Injection Attempt; [1,2
8,2562015/01/20 2010651  ET TROJAN Lethic Spambot CnC Bot Transaction Relay; [1,2
8,2552015/01/20 2010650  ET TROJAN Lethic Spambot CnC Bot Command Confirmation; [1,2
8,2542015/01/20 2010649  ET TROJAN Lethic Spambot CnC Connect Command (port 25 specifically); [1,2
8,2532015/01/20 2010648  ET TROJAN Lethic Spambot CnC Connect Command; [1,2
8,2522015/01/20 2010647  ET TROJAN Lethic Spambot CnC Initial Connect Bot Response; [1,2
8,2512015/01/20 2010646  ET TROJAN Lethic Spambot CnC Initial Connect; [1,2
8,2502015/01/20 2010645  ET POLICY User-Agent (Launcher); [1
8,2492015/01/20 2010644  ET DELETED UPS Spam Inbound;  
8,2482015/01/20 2010643  ET SCAN Multiple FTP Administrator Login Attempts from Single Source - Possible Brute Force Attempt; [1
8,2472015/01/20 2010642  ET SCAN Multiple FTP Root Login Attempts from Single Source - Possible Brute Force Attempt; [1
8,2462015/01/20 2010641  ET SCAN ICMP @hello request, Likely Precursor to Scan; [1
8,2452015/01/20 2010640  ET WEB_SPECIFIC_APPS Joomla com_jphoto Component Id Parameter UPDATE SET SQL Injection Attempt; [1
8,2442015/01/20 2010639  ET WEB_SPECIFIC_APPS Joomla com_jphoto Component Id Parameter INSERT INTO SQL Injection Attempt; [1
8,2432015/01/20 2010638  ET WEB_SPECIFIC_APPS Joomla com_jphoto Component Id Parameter UNION SELECT SQL Injection Attempt; [1
8,2422015/01/20 2010637  ET WEB_SPECIFIC_APPS Joomla com_jphoto Component Id Parameter DELETE FROM SQL Injection Attempt; [1
8,2412015/01/20 2010636  ET WEB_SPECIFIC_APPS Joomla com_jphoto Component Id Parameter SELECT FROM SQL Injection Attempt; [1
8,2402015/01/20 2010631  ET WEB_SPECIFIC_APPS MyFusion last_seen_users_panel.php settings Parameter Local File Inclusion Attempt; [1,2,3
8,2392015/01/20 2010630  ET MALWARE Generic Adware Install Report; [1
8,2382015/01/20 2010629  ET DELETED MySpace Spam Inbound; [1
8,2372015/01/20 2010628  ET TROJAN Likely FakeAV/Fakeinit/FraudLoad Checkin; [1,2
8,2362015/01/20 2010627  ET TROJAN Likely FakeAV/Fakeinit/FraudLoad Checkin; [1,2
8,2352015/01/20 2010626  ET TROJAN Likely FakeAV/Fakeinit/FraudLoad Checkin; [1,2
8,2342015/01/20 2010625  ET TROJAN FakeAV Landing Page (aid,sid); [1,2
8,2332015/01/20 2010624  ET DOS Possible Cisco PIX/ASA Denial Of Service Attempt (Hping Created Packets); [1,2,3,4
8,2322015/01/20 2010623  ET WEB_SERVER Cisco IOS HTTP Server Exec Command Execution Attempt; [1,2
8,2312015/01/20 2010622  ET WEB_SERVER Possible Cisco Subscriber Edge Services Manager Cross Site Scripting/HTML Injection Attempt; [1,2
8,2302015/01/20 2010621  ET WEB_SERVER SQL Injection Attempt (Agent CZ32ts); [1,2
8,2292015/01/20 2010620  ET WEB_SPECIFIC_APPS Mamboleto Joomla component mamboleto.php Remote File Inclusion Attempt; [1,2,3
8,2282015/01/20 2010619  ET WEB_SPECIFIC_APPS phpBMS invoices_discount_ajax.php id Parameter UPDATE SET SQL Injection Attempt; [1,2,3
8,2272015/01/20 2010618  ET WEB_SPECIFIC_APPS phpBMS invoices_discount_ajax.php id Parameter INSERT INTO SQL Injection Attempt; [1,2,3
8,2262015/01/20 2010617  ET WEB_SPECIFIC_APPS phpBMS invoices_discount_ajax.php id Parameter UNION SELECT SQL Injection Attempt; [1,2,3
8,2252015/01/20 2010616  ET WEB_SPECIFIC_APPS phpBMS invoices_discount_ajax.php id Parameter DELETE FROM SQL Injection Attempt; [1,2,3
8,2242015/01/20 2010615  ET WEB_SPECIFIC_APPS phpBMS invoices_discount_ajax.php id Parameter SELECT FROM SQL Injection Attempt; [1,2,3
8,2232015/01/20 2010614  ET ACTIVEX HP Openview NNM ActiveX Subscribe method Memory corruption Attempt; [1,2
8,2222015/01/20 2010613  ET ACTIVEX HP Openview NNM ActiveX InstallComponent method Memory corruption Attempt; [1,2
8,2212015/01/20 2010612  ET ACTIVEX HP Openview NNM ActiveX AddGroup method Memory corruption Attempt; [1,2
8,2202015/01/20 2010611  ET ACTIVEX HP Openview NNM ActiveX DisplayName method Memory corruption Attempt; [1,2
8,2192015/01/20 2010610  ET WEB_SPECIFIC_APPS RoseOnline CMS LFI Attempt; [1,2
8,2182015/01/20 2010609  ET WEB_SPECIFIC_APPS Helpdesk Pilot Knowledge Base SQL Injection Attempt; [1,2
8,2172015/01/20 2010608  ET WEB_SPECIFIC_APPS iPortal X gallery_show.asp GID parameter Blind SQL Injection Attempt; [1,2
8,2162015/01/20 2010607  ET WEB_SPECIFIC_APPS XOOPS Module dictionary 2.0.18 (detail.php) SQL Injection Attempt; [1,2
8,2152015/01/20 2010606  ET WEB_SPECIFIC_APPS Joomla Component com_kkcontent Blind SQL Injection Attempt; [1,2
8,2142015/01/20 2010605  ET WEB_SPECIFIC_APPS Mambo Component com_viewfulllisting SQL Injection Attempt; [1,2
8,2132015/01/20 2010604  ET WEB_SPECIFIC_APPS PozScripts Classified Ads 'store_info.php' SQL Injection Attempt; [1,2
8,2122015/01/20 2010602  ET WEB_SPECIFIC_APPS ClarkConnect Linux proxy.php XSS Attempt; [1,2
< 371  372  373  374  375  376  377  378  379  380 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.