시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
13,3612015/01/20 2016214  ET TROJAN Red October/Win32.Digitalia Checkin cgi-bin/nt/th; [1
13,3602015/01/20 2016213  ET DELETED Blackhole Exploit Kit encoded PluginDetect Jan 15 2013;  
13,3592015/01/20 2016212  ET TROJAN BroBot POST;  
13,3582015/01/20 2016211  ET TROJAN W32/Karagany.Downloader CnC Beacon; [1,2
13,3572015/01/20 2016210  ET CURRENT_EVENTS Redkit Exploit Kit Three Numerical Character Naming Convention PDF Request; [1
13,3562015/01/20 2016209  ET MOBILE_MALWARE Android/CoolPaperLeak Sending Information To CnC; [1
13,3552015/01/20 2016208  ET TROJAN W32/Downloader Secondary Download Request - W32/Hupigon.Backdoor Likely Secondary Payload; [1
13,3542015/01/20 2016207  ET TROJAN W32/Iyus.H work_troy.php CnC Request; [1
13,3532015/01/20 2016206  ET TROJAN W32/Iyus.H Initial CnC Beacon; [1
13,3522015/01/20 2016205  ET TROJAN W32/Zemra.DDoS.Bot Variant CnC Beacon; [1,2
13,3512015/01/20 2016204  ET WEB_SERVER Possible CVE-2013-0156 Ruby On Rails XML YAML tag with !ruby; [1
13,3502015/01/20 2016203  ET WEB_SPECIFIC_APPS WordPress Gallery Plugin filename_1 Parameter Remote File Access Attempt; [1
13,3492015/01/20 2016202  ET WEB_SPECIFIC_APPS TinyBrowser upload.php file Script Execution Attempt; [1
13,3482015/01/20 2016201  ET WEB_SPECIFIC_APPS TinyBrowser edit.php file Script Execution Attempt; [1
13,3472015/01/20 2016200  ET WEB_SPECIFIC_APPS TinyBrowser tinybrowser.php file Script Execution Attempt; [1
13,3462015/01/20 2016199  ET WEB_SPECIFIC_APPS Adiscon LogAnalyzer viewid Cross-Site Scripting Attempt; [1
13,3452015/01/20 2016198  ET WEB_SPECIFIC_APPS Free Blog Arbitrary File Deletion Attempt; [1
13,3442015/01/20 2016197  ET ACTIVEX Possible Honeywell Tema Remote Installer ActiveX DownloadFromURL method Remote Code Execution; [1
13,3432015/01/20 2016196  ET WEB_SPECIFIC_APPS Dell OpenManage Server Administrator topic parameter XSS Attempt; [1
13,3422015/01/20 2016195  ET WEB_SPECIFIC_APPS WordPress Browser Rejector Plugin wppath Remote File Inclusion Attempt; [1
13,3412015/01/20 2016194  ET WEB_SPECIFIC_APPS Wordpress NextGEN Gallery plugin test-head parameter XSS Attempt; [1
13,3402015/01/20 2016193  ET CURRENT_EVENTS DRIVEBY Unknown - Landing Page Requested - /?Digit;  
13,3392015/01/20 2016192  ET CURRENT_EVENTS DRIVEBY Unknown - Please wait...;  
13,3382015/01/20 2016191  ET CURRENT_EVENTS CoolEK - Landing Page Received;  
13,3372015/01/20 2016190  ET CURRENT_EVENTS DRIVEBY SPL - Landing Page Received;  
13,3362015/01/20 2016189  ET TROJAN Midhos/Medfos downloader;  
13,3352015/01/20 2016188  ET DELETED Potential Zeus Binary Download - Specific PE Sections Structure; [1
13,3342015/01/20 2016187  ET TROJAN W32/Tobfy.Ransomware Invalid URI CnC Request -; [1
13,3332015/01/20 2016186  ET TROJAN W32/Tobfy.Ransomware CnC Request - status.php; [1
13,3322015/01/20 2016185  ET TROJAN Unknown Ransomware Checkin;  
13,3312015/01/20 2016184  ET WEB_SERVER ColdFusion administrator access; [1
13,3302015/01/20 2016183  ET WEB_SERVER ColdFusion adminapi access; [1
13,3292015/01/20 2016182  ET WEB_SERVER ColdFusion componentutils access; [1
13,3282015/01/20 2016181  ET SNMP missing community string attempt 4;  
13,3272015/01/20 2016180  ET SNMP missing community string attempt 3;  
13,3262015/01/20 2016179  ET SNMP missing community string attempt 2;  
13,3252015/01/20 2016178  ET SNMP missing community string attempt 1;  
13,3242015/01/20 2016177  ET TROJAN FakeAV security_scanner.exe;  
13,3232015/01/20 2016176  ET CURRENT_EVENTS Possible CVE-2013-0156 Ruby On Rails XML POST to Disallowed Type SYMBOL; [1
13,3222015/01/20 2016175  ET CURRENT_EVENTS Possible CVE-2013-0156 Ruby On Rails XML POST to Disallowed Type YAML; [1
13,3212015/01/20 2016174  ET CURRENT_EVENTS DRIVEBY RedKit - Landing Page;  
13,3202015/01/20 2016173  ET TROJAN Generic -POST To gate.php w/Extended ASCII Characters;  
13,3192015/01/20 2016172  ET TROJAN Generic -POST To file.php w/Extended ASCII Characters;  
13,3182015/01/20 2016171  ET TROJAN ProxyBox - HTTP CnC - proxy_info.php;  
13,3172015/01/20 2016170  ET CURRENT_EVENTS CVE-2012-4792 EIP in URI (2); [1,2
13,3162015/01/20 2016169  ET CURRENT_EVENTS Possible CrimeBoss Generic URL Structure;  
13,3152015/01/20 2016168  ET TROJAN Poison Ivy.2013Jan04 server response;  
13,3142015/01/20 2016167  ET TROJAN Poison Ivy.2013Jan04 victim beacon;  
13,3132015/01/20 2016166  ET CURRENT_EVENTS Blackhole Exploit Kit PluginDetect FromCharCode Jan 04 2013;  
13,3122015/01/20 2016165  ET WEB_SPECIFIC_APPS cPanel dir Parameter Cross Site Scripting Attempt; [1
< 271  272  273  274  275  276  277  278  279  280 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.