시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
12,8612015/01/20 2015684  ET DELETED Blackhole alt URL request Sep 05 2012 bv6rcs3v1ithi.php?w=; [1
12,8602015/01/20 2015683  ET CURRENT_EVENTS Unknown Java Exploit Kit with fast-flux like behavior hostile java archive - Sep 05 2012;  
12,8592015/01/20 2015682  ET CURRENT_EVENTS Unknown Java Exploit Kit with fast-flux like behavior static initial landing - Sep 05 2012;  
12,8582015/01/20 2015681  ET CURRENT_EVENTS Unknown Java Exploit Kit with fast-flux like behavior hostile FQDN - Sep 05 2012;  
12,8572015/01/20 2015680  ET CURRENT_EVENTS Blackhole Java applet with obfuscated URL Nov 09 2012;  
12,8562015/01/20 2015679  ET CURRENT_EVENTS Probable Sakura exploit kit landing page with obfuscated URLs;  
12,8552015/01/20 2015678  ET CURRENT_EVENTS Sakura exploit kit exploit download request /view.php;  
12,8542015/01/20 2015677  ET DELETED Sakura exploit kit binary download request /out.php;  
12,8532015/01/20 2015676  ET CURRENT_EVENTS Unknown Java Exploit Kit Payload Download Request - Sep 04 2012;  
12,8522015/01/20 2015675  ET INFO SimpleTDS go.php (sid);  
12,8512015/01/20 2015674  ET INFO 3XX redirect to data URL;  
12,8502015/01/20 2015673  ET TROJAN Trojan.JS.QLP Checkin;  
12,8492015/01/20 2015672  ET CURRENT_EVENTS Unknown Exploit Kit redirect;  
12,8482015/01/20 2015671  ET INFO Adobe PDF in HTTP Flowbit Set;  
12,8472015/01/20 2015670  ET CURRENT_EVENTS Unknown Exploit Kit suspected Blackhole;  
12,8462015/01/20 2015669  ET CURRENT_EVENTS Malicious Redirect n.php h=*&s=*; [1,2,3
12,8452015/01/20 2015668  ET CURRENT_EVENTS FlimKit/Other - Landing Page - 100HexChar value and applet;  
12,8442015/01/20 2015667  ET CURRENT_EVENTS NeoSploit - Version Enumerated - null;  
12,8432015/01/20 2015666  ET CURRENT_EVENTS NeoSploit - Version Enumerated - Java;  
12,8422015/01/20 2015665  ET CURRENT_EVENTS NeoSploit - TDS;  
12,8412015/01/20 2015664  ET DELETED NeoSploit - PDF Exploit Requested;  
12,8402015/01/20 2015663  ET DELETED NeoSploit - Obfuscated Payload Requested;  
12,8392015/01/20 2015662  ET CURRENT_EVENTS - Blackhole Admin Login Inbound;  
12,8382015/01/20 2015661  ET CURRENT_EVENTS Blackhole Admin bhadmin.php access Inbound;  
12,8372015/01/20 2015660  ET CURRENT_EVENTS - Blackhole Admin Login Outbound;  
12,8362015/01/20 2015659  ET CURRENT_EVENTS Blackhole Admin bhadmin.php access Outbound;  
12,8352015/01/20 2015658  ET CURRENT_EVENTS Possible Metasploit Java Exploit; [1,2
12,8342015/01/20 2015657  ET CURRENT_EVENTS Possible Metasploit Java Payload; [1,2
12,8332015/01/20 2015656  ET DELETED 0day JRE 17 exploit Class 2; [1
12,8322015/01/20 2015655  ET DELETED 0day JRE 17 exploit Class 1; [1
12,8312015/01/20 2015654  ET DELETED Blackhole Landing try catch try catch math eval Aug 27 2012;  
12,8302015/01/20 2015653  ET TROJAN Rogue.Win32/Winwebsec Install;  
12,8292015/01/20 2015652  ET DELETED Blackhole Java applet with obfuscated URL 23 Aug 2012;  
12,8282015/01/20 2015651  ET DELETED Blackhole Javascript 23 Aug 2012 split join split applet;  
12,8272015/01/20 2015649  ET DELETED Fake AV base64 affid initial Landing or owned Check-In, asset owned if /callback/ in URI;  
12,8262015/01/20 2015648  ET DELETED Blackhole Exploit Kit Landing - Aug 21 2012;  
12,8252015/01/20 2015647  ET CURRENT_EVENTS Unknown Exploit Kit seen with O1/O2.class /search;  
12,8242015/01/20 2015646  ET CURRENT_EVENTS Unknown Exploit Kit seen with O1/O2.class /form;  
12,8232015/01/20 2015645  ET WEB_SPECIFIC_APPS Joomla com_g2bridge controller parameter Local File Inclusion Attempt; [1
12,8222015/01/20 2015644  ET ACTIVEX Possible Electronic Arts SnoopyCtrl ActiveX Control Buffer Overflow 2; [1
12,8212015/01/20 2015643  ET ACTIVEX Possible Electronic Arts SnoopyCtrl ActiveX Control Buffer Overflow; [1,2
12,8202015/01/20 2015642  ET WEB_SPECIFIC_APPS MindTouch Deki Wiki wgDekiPluginPath parameter Local File Inclusion Attempt; [1
12,8192015/01/20 2015641  ET WEB_SPECIFIC_APPS MindTouch Deki Wiki deki_plugin.php Local File Inclusion Attempt; [1
12,8182015/01/20 2015640  ET WEB_SPECIFIC_APPS MindTouch Deki Wiki link.php Local File Inclusion Attempt; [1
12,8172015/01/20 2015639  ET WEB_SPECIFIC_APPS MindTouch Deki Wiki wgDekiPluginPath parameter Remote File Inclusion Attempt; [1
12,8162015/01/20 2015638  ET WEB_SPECIFIC_APPS MindTouch Deki Wiki deki_plugin.php Remote File Inclusion Attempt; [1
12,8152015/01/20 2015637  ET WEB_SPECIFIC_APPS MindTouch Deki Wiki link.php Remote File Inclusion Attempt; [1
12,8142015/01/20 2015636  ET ACTIVEX Possible CA eTrust PestPatrol ActiveX Control Buffer Overflow; [1
12,8132015/01/20 2015635  ET TROJAN Backdoor.Briba Checkin; [1
12,8122015/01/20 2015634  ET INFO DYNAMIC_DNS HTTP Request to Abused Domain *.mooo.com;  
< 281  282  283  284  285  286  287  288  289  290 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.