시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
9,5612015/01/20 2012211  ET WEB_SPECIFIC_APPS Tunngavik CMS id Parameter SELECT FROM SQL Injection Attempt; [1
9,5602015/01/20 2012210  ET DELETED DNS Lookup of Twitter m28sx Worm; [1
9,5592015/01/20 2012209  ET DELETED m28sx twitter worm redirect access; [1
9,5582015/01/20 2012208  ET TROJAN FAKEAV CryptMEN pack.exe Payload Download;  
9,5572015/01/20 2012207  ET DELETED Possible Twitter Worm Attack; [1
9,5562015/01/20 2012206  ET ACTIVEX Novell iPrint ActiveX GetDriverSettings Remote Code Execution Attempt; [1,2
9,5552015/01/20 2012205  ET WEB_CLIENT Possible Malicious String.fromCharCode with charCodeAt String;  
9,5542015/01/20 2012204  ET SCAN Modified Sipvicious Sundayddr Scanner (sipsscuser); [1,2,3
9,5532015/01/20 2012203  ET DELETED DNS Lookup of Known BlackEnergy DDOS Botnet CnC Server globdomain.ru; [1,2
9,5522015/01/20 2012202  ET DELETED DNS Lookup of Known BlackEnergy DDOS Botnet CnC Server greenter.ru; [1,2
9,5512015/01/20 2012201  ET WORM Possible Worm Sohanad.Z or Other Infection Request for setting.nql; [1
9,5502015/01/20 2012200  ET TROJAN Possible Worm W32.Svich or Other Infection Request for setting.doc; [1
9,5492015/01/20 2012199  ET TROJAN Possible Worm W32.Svich or Other Infection Request for setting.xls; [1
9,5482015/01/20 2012198  ET TROJAN Possible Worm W32.Svich or Other Infection Request for setting.ini; [1,2
9,5472015/01/20 2012197  ET SHELLCODE Possible Unescape Encoded Content With Split String Obfuscation 2; [1,2
9,5462015/01/20 2012196  ET SHELLCODE Possible Unescape Encoded Content With Split String Obfuscation; [1,2
9,5452015/01/20 2012195  ET DELETED Nginx Serving EXE/DLL File Often Malware Related;  
9,5442015/01/20 2012194  ET ACTIVEX Real Networks RealPlayer SP RecordClip Method Remote Code Execution Attempt;  
9,5432015/01/20 2012193  ET EXPLOIT Lexmark Printer RDYMSG Cross Site Scripting Attempt; [1
9,5422015/01/20 2012192  ET ACTIVEX NewV SmartClient NewvCommon.ocx DelFile Method Arbitrary File Deletion Attempt; [1
9,5412015/01/20 2012191  ET WEB_SPECIFIC_APPS Zimplit CMS file Parameter Cross Site Scripting Attempt; [1
9,5402015/01/20 2012190  ET WEB_SPECIFIC_APPS Zimplit CMS client Parameter Cross Site Scripting Attempt; [1
9,5392015/01/20 2012189  ET WEB_SPECIFIC_APPS phpscripte24 Vor und Ruckwarts Auktions System Blind SQL Injection Attempt; [1
9,5382015/01/20 2012187  ET WEB_SPECIFIC_APPS bizdir.cgi f_srch Parameter Cross Site Scripting Attempt; [1
9,5372015/01/20 2012186  ET WEB_SPECIFIC_APPS axdcms aXconf Parameter Local File Inclusion Attempt; [1
9,5362015/01/20 2012185  ET WEB_SPECIFIC_APPS Nucleus PLUGINADMIN.php Remote File Inclusion Attempt; [1
9,5352015/01/20 2012184  ET WEB_SPECIFIC_APPS Nucleus server.php Remote File Inclusion Attempt; [1
9,5342015/01/20 2012183  ET DELETED Possible Open SIP Relay scanner Fake Eyebeam User-Agent Detected; [1
9,5332015/01/20 2012182  ET WEB_SPECIFIC_APPS Nucleus media.php Remote File Inclusion Attempt; [1
9,5322015/01/20 2012181  ET WEB_SPECIFIC_APPS Nucleus action.php Remote File Inclusion Attempt; [1
9,5312015/01/20 2012180  ET USER_AGENTS Suspicious User Agent no space;  
9,5302015/01/20 2012179  ET WEB_CLIENT Adobe Reader and Acrobat U3D File Invalid Array Index Remote Code Execution Attempt; [1,2
9,5292015/01/20 2012178  ET TROJAN Carberp CnC request POST /set/task.html;  
9,5282015/01/20 2012177  ET DELETED p2pshares.org Related Malware;  
9,5272015/01/20 2012176  ET MALWARE Lookup of Malware Domain twothousands.cm Likely Infection;  
9,5262015/01/20 2012174  ET EXPLOIT Microsoft Windows Common Control Library Heap Buffer Overflow; [1
9,5252015/01/20 2012173  ET WEB_CLIENT eval String.fromCharCode String Which May Be Malicious;  
9,5242015/01/20 2012172  ET MALWARE User-Agent (mrgud);  
9,5232015/01/20 2012171  ET INFO DYNAMIC_DNS Query to 3322.org Domain; [1,2,3,4
9,5222015/01/20 2012170  ET GAMES Blizzard Web Downloader Install Detected;  
9,5212015/01/20 2012169  ET TROJAN Potential Blackhole Exploit Pack Binary Load Request; [1
9,5202015/01/20 2012168  ET WEB_SPECIFIC_APPS Tiki Wiki CMS Groupware language Parameter Local File Inclusion Attempt; [1
9,5192015/01/20 2012167  ET WEB_SPECIFIC_APPS ndCMS editor.aspx index Parameter SQL Injection Attempt; [1
9,5182015/01/20 2012166  ET WEB_SPECIFIC_APPS Joomla Component com_xmovie file Parameter Local File Inclusion Attempt; [1
9,5172015/01/20 2012165  ET WEB_SPECIFIC_APPS Concrete DIR_FILES_BLOCK_TYPES_CORE Parameter Remote File Inclusion Attempt;  
9,5162015/01/20 2012164  ET WEB_SPECIFIC_APPS WORDPRESS Plugin Accept Signups email Parameter Cross Site Scripting Attempt; [1
9,5152015/01/20 2012163  ET WEB_SPECIFIC_APPS Informacion General informacion_general.php UPDATE SET SQL Injection Attempt; [1
9,5142015/01/20 2012162  ET WEB_SPECIFIC_APPS Informacion General informacion_general.php INSERT INTO SQL Injection Attempt; [1
9,5132015/01/20 2012161  ET WEB_SPECIFIC_APPS Informacion General informacion_general.php UNION SELECT SQL Injection Attempt; [1
9,5122015/01/20 2012160  ET WEB_SPECIFIC_APPS Informacion General informacion_general.php DELETE FROM SQL Injection Attempt; [1
< 351  352  353  354  355  356  357  358  359  360 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.