시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
8,5612015/01/20 2010984  ET WEB_SPECIFIC_APPS Joomla com_quicknews Component newsid Parameter INSERT INTO SQL Injection Attempt; [1
8,5602015/01/20 2010983  ET WEB_SPECIFIC_APPS Joomla com_quicknews Component newsid Parameter UNION SELECT SQL Injection Attempt; [1
8,5592015/01/20 2010982  ET WEB_SPECIFIC_APPS Joomla com_quicknews Component newsid Parameter DELETE FROM SQL Injection Attempt; [1
8,5582015/01/20 2010981  ET WEB_SPECIFIC_APPS Joomla com_quicknews Component newsid Parameter SELECT FROM SQL Injection Attempt; [1
8,5572015/01/20 2010980  ET WEB_SPECIFIC_APPS IBM ENOVIA SmarTeam v5 LoginPage.aspx Cross Site Scripting Attempt; [1,2
8,5562015/01/20 2010979  ET WEB_SPECIFIC_APPS ispCP Omega admin1.template.php Remote File Inclusion Attempt; [1,2
8,5552015/01/20 2010978  ET ACTIVEX IE ActiveX control Exec method Remote code execution Attempt; [1,2
8,5542015/01/20 2010977  ET ACTIVEX AOL 9.5 ActiveX control Import method Heap Overflow Attempt; [1,2
8,5532015/01/20 2010976  ET WEB_SPECIFIC_APPS JcomBand toolbar ActiveX Control isRegistered Property Buffer Overflow Attempt; [1,2,3
8,5522015/01/20 2010975  ET TROJAN Unruy Downloader Checkin; [1,2,3,4
8,5512015/01/20 2010973  ET TROJAN Vobfus/Changeup/Chinky Download Command; [1,2,3,4,5,6
8,5502015/01/20 2010972  ET POLICY Possible ProxyShell Hide IP Installation file download; [1,2
8,5492015/01/20 2010970  ET WEB_SERVER HP OpenView Network Node Manager OvWebHelp.exe Heap Buffer Overflow Attempt; [1
8,5482015/01/20 2010969  ET POLICY Possible ProxyShell Anonymous Access Connection; [1
8,5472015/01/20 2010968  ET WEB_CLIENT Possible Foxit/Adobe PDF Reader Launch Action Remote Code Execution Attempt; [1,2,3,4,5,6,7,8
8,5462015/01/20 2010967  ET WEB_SERVER SHOW TABLES SQL Injection Attempt in URI; [1,2,3
8,5452015/01/20 2010966  ET WEB_SERVER SHOW CURDATE/CURTIME SQL Injection Attempt in URI; [1,2,3,4
8,5442015/01/20 2010965  ET WEB_SERVER SHOW VARIABLES SQL Injection Attempt in URI; [1,2,3
8,5432015/01/20 2010964  ET WEB_SERVER SHOW CHARACTER SET SQL Injection Attempt in URI; [1,2,3
8,5422015/01/20 2010963  ET WEB_SERVER SELECT USER SQL Injection Attempt in URI; [1,2
8,5412015/01/20 2010962  ET ACTIVEX AOL 9.5 Phobos.Playlist Import ActiveX Buffer Overflow Attempt; [1,2
8,5402015/01/20 2010961  ET WEB_CLIENT Wscript Shell Run Attempt - Likely Hostile; [1,2
8,5392015/01/20 2010960  ET SCAN WhatWeb Web Application Fingerprint Scanner Default User-Agent Detected; [1,2
8,5382015/01/20 2010959  ET ACTIVEX Possible Symantec Antivirus 10.0 Client Proxy ActiveX Control Buffer Overflow Function Call Attempt; [1,2,3
8,5372015/01/20 2010958  ET ACTIVEX Possible Symantec Antivirus 10.0 Client Proxy ActiveX Control Buffer Overflow Attempt; [1,2,3
8,5362015/01/20 2010957  ET ACTIVEX SAP GUI SAPBExCommonResources ActiveX Insecure Method Code Execution Attempt; [1,2
8,5352015/01/20 2010956  ET SCAN Skipfish Web Application Scan Detected (2); [1,2,3
8,5342015/01/20 2010954  ET SCAN crimscanner User-Agent detected; [1
8,5332015/01/20 2010953  ET SCAN Skipfish Web Application Scan Detected; [1,2,3
8,5322015/01/20 2010952  ET DELETED facebook activity; [1,2
8,5312015/01/20 2010951  ET WEB_SPECIFIC_APPS Joomla com_hdflvplayer Component id Parameter UPDATE SET SQL Injection Attempt; [1,2
8,5302015/01/20 2010950  ET WEB_SPECIFIC_APPS Joomla com_hdflvplayer Component id Parameter INSERT INTO SQL Injection Attempt; [1,2
8,5292015/01/20 2010949  ET WEB_SPECIFIC_APPS Joomla com_hdflvplayer Component id Parameter UNION SELECT SQL Injection Attempt; [1,2
8,5282015/01/20 2010948  ET WEB_SPECIFIC_APPS Joomla com_hdflvplayer Component id Parameter DELETE FROM SQL Injection Attempt; [1,2
8,5272015/01/20 2010947  ET WEB_SPECIFIC_APPS Joomla com_hdflvplayer Component id Parameter SELECT FROM SQL Injection Attempt; [1,2
8,5262015/01/20 2010946  ET WEB_SPECIFIC_APPS Yahoo CD Player ActiveX Open Stack Overflow Function Call; [1,2
8,5252015/01/20 2010945  ET WEB_SPECIFIC_APPS Yahoo CD Player ActiveX Open Stack Overflow Attempt; [1,2
8,5242015/01/20 2010944  ET ACTIVEX Viscom Movie Player Pro SDK ActiveX DrawText method Buffer Overflow Function Call; [1,2,3
8,5232015/01/20 2010943  ET ACTIVEX SoftCab Sound Converter ActiveX SaveFormat File overwrite Attempt; [1,2
8,5222015/01/20 2010942  ET WEB_SPECIFIC_APPS Joomla Component com_jcollection controller Parameter Local File Inclusion Attempt; [1,2
8,5212015/01/20 2010941  ET EXPLOIT Possible Sendmail SpamAssassin Milter Plugin Remote Arbitrary Command Injection Attempt; [1,2,3
8,5202015/01/20 2010939  ET POLICY Suspicious inbound to PostgreSQL port 5432; [1
8,5192015/01/20 2010938  ET POLICY Suspicious inbound to mSQL port 4333; [1
8,5182015/01/20 2010937  ET POLICY Suspicious inbound to mySQL port 3306; [1
8,5172015/01/20 2010936  ET POLICY Suspicious inbound to Oracle SQL port 1521; [1
8,5162015/01/20 2010935  ET POLICY Suspicious inbound to MSSQL port 1433; [1
8,5152015/01/20 2010934  ET MALWARE Infobox3 Spyware User-Agent (InfoBox); [1
8,5142015/01/20 2010932  ET TROJAN Dropper Checkin 2 (often scripts.dlv4.com related); [1
8,5132015/01/20 2010931  ET WEB_CLIENT Possible IE iepeers.dll Use-after-free Code Execution Attempt; [1,2,3,4,5
8,5122015/01/20 2010930  ET ACTIVEX Foxit Reader ActiveX OpenFile method Remote Code Execution Function Call; [1,2
< 371  372  373  374  375  376  377  378  379  380 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.