시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
12,1612015/01/20 2014973  ET DELETED Blackhole - Landing Page Requested - /*.php?*=16HexChar;  
12,1602015/01/20 2014972  ET CURRENT_EVENTS HeapLib JS Library; [1
12,1592015/01/20 2014971  ET CURRENT_EVENTS JS.Runfore Malware Campaign Request; [1,2,3
12,1582015/01/20 2014970  ET CURRENT_EVENTS Runforestrun Malware Campaign Infected Website; [1,2,3
12,1572015/01/20 2014969  ET CURRENT_EVENTS Unknown - Java Exploit Requested - 13-14Alpha.jar;  
12,1562015/01/20 2014968  ET DELETED Unknown - Payload Download - 9Alpha1Digit.exe;  
12,1552015/01/20 2014967  ET CURRENT_EVENTS - Landing Page Requested - 15Alpha1Digit.php;  
12,1542015/01/20 2014966  ET CURRENT_EVENTS Generic - PDF with NEW PDF EXPLOIT;  
12,1532015/01/20 2014965  ET DELETED Hacked Website Response '/*qhk6sa6g1c*/' Jun 25 2012; [1
12,1522015/01/20 2014964  ET DELETED Hacked Website Response '/*km0ae9gr6m*/' Jun 25 2012; [1
12,1512015/01/20 2014963  ET TROJAN W32/Armageddon CnC Checkin;  
12,1502015/01/20 2014962  ET TROJAN W32/Nutiliers.A Downloader CnC Checkin - Request Encrypted Response;  
12,1492015/01/20 2014961  ET TROJAN W32/Scar CnC Checkin;  
12,1482015/01/20 2014960  ET CURRENT_EVENTS Base64 - Landing Page Received - base64encode(GetOs();  
12,1472015/01/20 2014959  ET CURRENT_EVENTS Base64 - Java Exploit Requested - /1Digit;  
12,1462015/01/20 2014958  ET TROJAN Backdoor Win32/Hupigon.CK Server Idle;  
12,1452015/01/20 2014957  ET TROJAN Backdoor Win32/Hupigon.CK Client Idle;  
12,1442015/01/20 2014956  ET TROJAN Backdoor Win32/Hupigon.CK Server Checkin;  
12,1432015/01/20 2014955  ET TROJAN Backdoor Win32/Hupigon.CK Client Checkin;  
12,1422015/01/20 2014954  ET INFO Vulnerable iTunes Version 10.6.x;  
12,1412015/01/20 2014953  ET TROJAN Capfire4 Checkin (update machine status); [1
12,1402015/01/20 2014952  ET TROJAN Capfire4 Checkin (register machine); [1
12,1392015/01/20 2014951  ET WEB_SPECIFIC_APPS Nagios XI view parameter Cross-Site Scripting Attempt; [1
12,1382015/01/20 2014950  ET WEB_SPECIFIC_APPS Nagios XI div parameter Cross-Site Scripting Attempt; [1
12,1372015/01/20 2014949  ET WEB_SPECIFIC_APPS Wordpress Plugins Wp-ImageZoom file parameter Remote File Disclosure Vulnerability; [1
12,1362015/01/20 2014948  ET WEB_SPECIFIC_APPS WordPress Simple Download Button Shortcode Plugin Arbitrary File Disclosure Vulnerability; [1
12,1352015/01/20 2014947  ET WEB_SPECIFIC_APPS WordPress Thinkun Remind Plugin dirPath Remote File Disclosure Vulnerability; [1
12,1342015/01/20 2014946  ET WEB_SPECIFIC_APPS WHCMS smarty Parameter Remote File inclusion Attempt 2; [1
12,1332015/01/20 2014945  ET WEB_SPECIFIC_APPS WHCMS banco Parameter Remote File inclusion Attempt; [1
12,1322015/01/20 2014944  ET WEB_SPECIFIC_APPS WHCMS smarty Parameter Remote File inclusion Attempt; [1
12,1312015/01/20 2014943  ET ACTIVEX Possible Autodesk MapGuide Viewer ActiveX LayersViewWidth Method Access Denial of Service 2; [1
12,1302015/01/20 2014942  ET ACTIVEX Possible Autodesk MapGuide Viewer ActiveX LayersViewWidth Method Access Denial of Service; [1
12,1292015/01/20 2014941  ET POLICY TOR .exit Pseudo TLD DNS Query; [1
12,1282015/01/20 2014940  ET CURRENT_EVENTS Blackhole RawValue Exploit PDF;  
12,1272015/01/20 2014939  ET POLICY DNS Query for TOR Hidden Domain .onion Accessible Via TOR; [1
12,1262015/01/20 2014938  ET WEB_CLIENT Potential MSXML2.DOMDocument Uninitialized Memory Corruption CVE-2012-1889;  
12,1252015/01/20 2014937  ET DELETED Blackhole - Blackhole Java Exploit request to Trop.jar;  
12,1242015/01/20 2014936  ET CURRENT_EVENTS FoxxySoftware - Landing Page Received - applet and 0px;  
12,1232015/01/20 2014935  ET CURRENT_EVENTS FoxxySoftware - Landing Page Received - foxxysoftware;  
12,1222015/01/20 2014934  ET CURRENT_EVENTS FoxxySoftware - Landing Page - eval(function(p,a,c,;  
12,1212015/01/20 2014933  ET TROJAN Win32/Bicololo.Dropper ne_unik CnC Server Response;  
12,1202015/01/20 2014932  ET POLICY DynDNS CheckIp External IP Address Server Response;  
12,1192015/01/20 2014931  ET CURRENT_EVENTS Blackhole Landing Please wait a moment Jun 20 2012;  
12,1182015/01/20 2014930  ET CURRENT_EVENTS Obfuscated Javascript redirecting to badness 21 June 2012;  
12,1172015/01/20 2014929  ET CURRENT_EVENTS Request to .in FakeAV Campaign June 19 2012 exe or zip; [1
12,1162015/01/20 2014928  ET CURRENT_EVENTS Unknown - Java Request .jar from dl.dropbox.com;  
12,1152015/01/20 2014927  ET CURRENT_EVENTS Unknown Java Malicious Jar /eeltff.jar;  
12,1142015/01/20 2014926  ET INFO PDF embedded in XDP file (Possibly Malicious); [1
12,1132015/01/20 2014925  ET INFO NetSSH SSH Version String Hardcoded in Metasploit; [1
12,1122015/01/20 2014924  ET CURRENT_EVENTS DRIVEBY Incognito Payload Requested /getfile.php by Java Client;  
< 291  292  293  294  295  296  297  298  299  300 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.