시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
9,5112015/01/20 2012159  ET WEB_SPECIFIC_APPS Informacion General informacion_general.php SELECT FROM SQL Injection Attempt; [1
9,5102015/01/20 2012158  ET ACTIVEX Possible Microsoft WMI Administration Tools WEBSingleView.ocx ActiveX Buffer Overflow Attempt; [1,2
9,5092015/01/20 2012157  ET ACTIVEX Possible Microsoft WMI Administration Tools WEBSingleView.ocx ActiveX Buffer Overflow Attempt Function Call; [1,2
9,5082015/01/20 2012156  ET DELETED Possible Adobe Reader 9.4 doc.printSeps Memory Corruption Attempt;  
9,5072015/01/20 2012155  ET EXPLOIT Wireshark ENTTEC DMX Data Processing Code Execution Attempt 2; [1
9,5062015/01/20 2012154  ET EXPLOIT Wireshark ENTTEC DMX Data Processing Code Execution Attempt 1; [1
9,5052015/01/20 2012153  ET WEB_CLIENT Microsoft Office Visio DXF File Processing Remote Code Execution; [1,2,3
9,5042015/01/20 2012152  ET WEB_CLIENT DXF Extension File Detection Access Flowbit Set;  
9,5032015/01/20 2012151  ET WEB_SERVER PHP Large Subnormal Double Precision Floating Point Number PHP DoS Inbound; [1
9,5022015/01/20 2012150  ET WEB_SERVER PHP Large Subnormal Double Precision Floating Point Number PHP DoS in URI; [1
9,5012015/01/20 2012149  ET WEB_CLIENT MS10-090 IE CSS Exploit Metasploit POC Specific Unicoded; [1
9,5002015/01/20 2012148  ET ACTIVEX dBpowerAMP Audio Player 2 FileExists Method ActiveX Buffer Overflow; [1
9,4992015/01/20 2012147  ET ACTIVEX Advanced File Vault Activex Heap Spray Attempt; [1
9,4982015/01/20 2012146  ET ACTIVEX ImageShack Toolbar Remote Code Execution; [1
9,4972015/01/20 2012145  ET ACTIVEX Netcraft Toolbar Remote Code Execution; [1
9,4962015/01/20 2012144  ET DELETED Possible Malware Related Numerical .co Domain Lookup; [1,2
9,4952015/01/20 2012143  ET WEB_CLIENT Microsoft Windows MPEG Layer-3 Audio Decoder Buffer Overflow; [1,2,3
9,4942015/01/20 2012142  ET WEB_CLIENT AVI RIFF Chunk Access Flowbit Set;  
9,4932015/01/20 2012141  ET POLICY Protocol 41 IPv6 encapsulation potential 6in4 IPv6 tunnel active; [1
9,4922015/01/20 2012140  ET MOBILE_MALWARE Android Trojan Command and Control Communication; [1
9,4912015/01/20 2012139  ET TROJAN Storm/Waledac 3.0 Checkin 2;  
9,4902015/01/20 2012137  ET TROJAN Storm/Waledac 3.0 Checkin 1;  
9,4892015/01/20 2012136  ET TROJAN Waledac 2.0/Storm Worm 3.0 GET request detected;  
9,4882015/01/20 2012135  ET SMTP IBM Lotus Domino iCalendar Email Address Stack Buffer Overflow Attempt; [1
9,4872015/01/20 2012134  ET ACTIVEX SigPlus Pro 3.74 ActiveX LCDWriteString Method Remote Buffer Overflow; [1
9,4862015/01/20 2012133  ET ACTIVEX FathFTP 1.8 EnumFiles Method ActiveX Buffer Overflow; [1
9,4852015/01/20 2012132  ET DELETED p2pshare.org Malware Related Activity;  
9,4842015/01/20 2012131  ET WEB_SPECIFIC_APPS Joomla Seyret Video com_seyret Component Blind SQL Injection Attempt; [1,2
9,4832015/01/20 2012130  ET WEB_SPECIFIC_APPS myBloggie mybloggie_root_path Parameter Remote File Inclusion Attempt; [1,2
9,4822015/01/20 2012129  ET WEB_SPECIFIC_APPS MaticMarket modulename Parameter Local File Inclusion Attempt-8; [1,2
9,4812015/01/20 2012128  ET WEB_SPECIFIC_APPS MaticMarket modulename Parameter Local File Inclusion Attempt-7; [1,2
9,4802015/01/20 2012127  ET WEB_SPECIFIC_APPS MaticMarket modulename Parameter Local File Inclusion Attempt-6; [1,2
9,4792015/01/20 2012126  ET WEB_SPECIFIC_APPS MaticMarket modulename Parameter Local File Inclusion Attempt-5; [1,2
9,4782015/01/20 2012125  ET WEB_SPECIFIC_APPS MaticMarket modulename Parameter Local File Inclusion Attempt-4; [1,2
9,4772015/01/20 2012124  ET WEB_SPECIFIC_APPS MaticMarket modulename Parameter Local File Inclusion Attempt-3; [1,2
9,4762015/01/20 2012123  ET WEB_SPECIFIC_APPS MaticMarket modulename Parameter Local File Inclusion Attempt-2; [1,2
9,4752015/01/20 2012122  ET WEB_SPECIFIC_APPS MaticMarket modulename Parameter Local File Inclusion Attempt-1; [1,2
9,4742015/01/20 2012121  ET DELETED Adobe Reader and Acrobat U3D File Invalid Array Index Remote Code Execution Attempt; [1,2
9,4732015/01/20 2012120  ET SHELLCODE Possible Usage of Actionscript ByteArray writeByte Function to Build Shellcode; [1
9,4722015/01/20 2012119  ET WEB_CLIENT Possible Hex Obfuscation Usage On Webpage; [1,2
9,4712015/01/20 2012118  ET CURRENT_EVENTS http string in hex Likely Obfuscated Exploit Redirect;  
9,4702015/01/20 2012117  ET WEB_SERVER Successful DD-WRT Information Disclosure; [1
9,4692015/01/20 2012116  ET WEB_SERVER DD-WRT Information Disclosure Attempt; [1
9,4682015/01/20 2012115  ET DNS DNS Query for a Suspicious Malware Related Numerical .in Domain; [1,2
9,4672015/01/20 2012114  ET TROJAN Trojan.BackDoor-DRV.gen.c Reporting-2; [1,2
9,4662015/01/20 2012113  ET TROJAN Trojan.BackDoor-DRV.gen.c Reporting-1; [1,2
9,4652015/01/20 2012112  ET SHELLCODE Possible Encoded ? NOP SLED; [1,2,3
9,4642015/01/20 2012111  ET SHELLCODE Possible UTF-16 ? NOP SLED; [1,2,3
9,4632015/01/20 2012110  ET SHELLCODE Possible UTF-8 %u90 NOP SLED; [1,2,3
9,4622015/01/20 2012109  ET WEB_CLIENT Hex Obfuscation of String.fromCharCode %u UTF-16 Encoding; [1,2
< 351  352  353  354  355  356  357  358  359  360 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.