시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
7,5112015/01/20 2009824  ET TROJAN Downloader.Win32.Delf followon POST Data PUSH Packet; [1,2
7,5102015/01/20 2009823  ET WEB_SERVER Attempt To Access MSSQL xp_enumdsn/xp_enumgroups/xp_ntsec_enumdomains Stored Procedure Via URI; [1,2,3,4
7,5092015/01/20 2009822  ET WEB_SERVER Attempt To Access MSSQL xp_readerrorlogs Stored Procedure Via URI to View Error Logs; [1,2,3
7,5082015/01/20 2009820  ET WEB_SERVER Attempt To Access MSSQL xp_enumerrorlogs Stored Procedure Via URI to View Error Logs; [1,2,3
7,5072015/01/20 2009819  ET WEB_SERVER Attempt To Access MSSQL xp_fileexist Stored Procedure Via URI to Locate Files On Disk; [1,2,3,4
7,5062015/01/20 2009818  ET WEB_SERVER Attempt To Access MSSQL xp_regread/xp_regwrite/xp_regdeletevalue/xp_regdeletekey Stored Procedure Via URI to Modify Registry; [1,2,3
7,5052015/01/20 2009817  ET WEB_SERVER Attempt To Access MSSQL sp_adduser Stored Procedure Via URI to Create New Database User; [1,2
7,5042015/01/20 2009816  ET WEB_SERVER Attempt To Access MSSQL xp_servicecontrol Stored Procedure Via URI; [1,2
7,5032015/01/20 2009815  ET WEB_SERVER Attempt To Access MSSQL xp_cmdshell Stored Procedure Via URI; [1,2,3
7,5022015/01/20 2009814  ET DELETED Downloader (Win32.Doneltart) Checkin - HTTP GET; [1
7,5012015/01/20 2009813  ET TROJAN Trojan.MyDNS DNSChanger - HTTP POST; [1
7,5002015/01/20 2009812  ET TROJAN AVKiller with Backdoor checkin; [1
7,4992015/01/20 2009811  ET TROJAN KillAV/Dropper/Mdrop/Hupigon - HTTP GET; [1
7,4982015/01/20 2009810  ET TROJAN Swizzor-based Downloader - Invalid User-Agent (Mozilla/4.0 (compatible MSIE 7.0 na .NET CLR 2.0.50727 .NET CLR 3.0.4506.2152 .NET CLR 3.5.30729)); [1,2
7,4972015/01/20 2009809  ET MALWARE Adware/Antivirus360 Config to client; [1
7,4962015/01/20 2009808  ET TROJAN Win32.Virut - GET; [1,2,3,4,5
7,4952015/01/20 2009807  ET MALWARE 2020search/PowerSearch Toolbar Adware/Spyware - GET; [1,2,3,4
7,4942015/01/20 2009806  ET TROJAN Poison Ivy RAT/Backdoor follow on POST Data PUSH Packet; [1,2,3
7,4932015/01/20 2009805  ET TROJAN Luder.B User-Agent (Mozilla/4.0 (SPGK)) - GET; [1,2,3
7,4922015/01/20 2009804  ET TROJAN Screenblaze SCR Related Backdoor - GET; [1,2,3,4,5
7,4912015/01/20 2009803  ET DELETED Downloader Generic - GET; [1
7,4902015/01/20 2009801  ET POLICY Carbonite.com Backup Software User-Agent (Carbonite Installer); [1
7,4892015/01/20 2009800  ET POLICY Carbonite.com Backup Software Leaking MAC Address; [1
7,4882015/01/20 2009799  ET WEB_SERVER PHP Attack Tool Morfeus F Scanner - M; [1,2
7,4872015/01/20 2009798  ET POLICY Carbonite Online Backup SSL Handshake; [1
7,4862015/01/20 2009797  ET DELETED Bifrose Response from victim; [1
7,4852015/01/20 2009796  ET MALWARE FakeAV Windows Protection Suite/ReleaseXP.exe User-Agent (Releasexp); [1
7,4842015/01/20 2009795  ET WEB_SPECIFIC_APPS Dog Pedigree Online Database managePerson.php personId Parameter SQL Injection; [1,2
7,4832015/01/20 2009794  ET WEB_SPECIFIC_APPS VidShare Pro listing_video.php catid Parameter SQL Injection; [1,2
7,4822015/01/20 2009793  ET WEB_SPECIFIC_APPS PHP Crawler footer.php footer_file Parameter Remote File Inclusion; [1,2
7,4812015/01/20 2009792  ET ACTIVEX Avax Vector avPreview.ocx ActiveX Control Buffer Overflow; [1,2,3
7,4802015/01/20 2009791  ET WEB_SPECIFIC_APPS GS Real Estate Portal email.php AgentID Parameter SQL Injection; [1,2,3,4
7,4792015/01/20 2009790  ET WEB_SPECIFIC_APPS beLive arch.php arch Parameter Local File Inclusion; [1,2,3
7,4782015/01/20 2009789  ET WEB_SPECIFIC_APPS TinyButStrong bs_us_examples_0view.php script Parameter Local File Inclusion; [1,2,3
7,4772015/01/20 2009788  ET WEB_SPECIFIC_APPS RSS-aggregator display.php path Parameter Remote File Inclusion; [1,2
7,4762015/01/20 2009787  ET WEB_SPECIFIC_APPS Community CMS view.php article_id Parameter SQL Injection; [1,2
7,4752015/01/20 2009785  ET MALWARE QVOD Related Spyware/Malware User-Agent (Qvod); [1,2,3
7,4742015/01/20 2009783  ET MALWARE RubyFortune Spyware Capabilities User-Agent (Microgaming Install Program) - GET; [1,2,3,4
7,4732015/01/20 2009780  ET WEB_SPECIFIC_APPS Joomla Full Path Disclosure -- content.php; [1,2
7,4722015/01/20 2009779  ET WEB_SPECIFIC_APPS Joomla Full Path Disclosure -- ldap.php; [1,2
7,4712015/01/20 2009778  ET WEB_SPECIFIC_APPS Joomla Full Path Disclosure -- php5x.php; [1,2
7,4702015/01/20 2009776  ET TROJAN Oficla Downloader Activity Observed; [1,2,3
7,4692015/01/20 2009773  ET WEB_SERVER Possible INSERT INTO SQL Injection In Cookie; [1,2,3,4
7,4682015/01/20 2009772  ET WEB_SERVER Possible DELETE FROM SQL Injection In Cookie; [1,2,3,4
7,4672015/01/20 2009771  ET WEB_SERVER Possible SELECT FROM SQL Injection In Cookie; [1,2,3,4
7,4662015/01/20 2009770  ET WEB_SERVER Possible UNION SELECT SQL Injection In Cookie; [1,2,3,4,5
7,4652015/01/20 2009769  ET SCAN SQL Power Injector SQL Injection User Agent Detected; [1,2,3
7,4642015/01/20 2009768  ET SCAN NBTStat Query Response to External Destination, Possible Windows Network Enumeration; [1,2
7,4632015/01/20 2009767  ET SCAN Multiple NBTStat Query Responses to External Destination, Possible Automated Windows Network Enumeration; [1,2
7,4622015/01/20 2009766  ET MALWARE IE Toolbar User-Agent (IEToolbar); [1
< 391  392  393  394  395  396  397  398  399  400 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.