시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
11,7112015/01/20 2014485  ET INFO DYNAMIC_DNS HTTP Request to a *.bbsindex.com Domain;  
11,7102015/01/20 2014484  ET INFO DYNAMIC_DNS Query to a *.bbsindex.com Domain;  
11,7092015/01/20 2014483  ET INFO DYNAMIC_DNS HTTP Request to a *.b0ne.com Domain;  
11,7082015/01/20 2014482  ET INFO DYNAMIC_DNS Query to a *.b0ne.com Domain;  
11,7072015/01/20 2014481  ET INFO DYNAMIC_DNS HTTP Request to a *.4irc.com Domain;  
11,7062015/01/20 2014480  ET INFO DYNAMIC_DNS Query to a *.4irc.com Domain;  
11,7052015/01/20 2014479  ET INFO DYNAMIC_DNS HTTP Request to a *.3d-game.com Domain;  
11,7042015/01/20 2014478  ET INFO DYNAMIC_DNS Query to a *.3d-game.com Domain;  
11,7032015/01/20 2014477  ET TROJAN HTTP Request to Zaletelly CnC Domain atserverxx.info; [1
11,7022015/01/20 2014476  ET TROJAN HTTP Request to Zaletelly CnC Domain zaletellyxx.be; [1
11,7012015/01/20 2014475  ET INFO JAVA - Java Class Download By Vulnerable Client;  
11,7002015/01/20 2014474  ET INFO JAVA - Java Class Download;  
11,6992015/01/20 2014473  ET INFO JAVA - Java Archive Download By Vulnerable Client;  
11,6982015/01/20 2014472  ET INFO JAVA - Java Archive Download;  
11,6972015/01/20 2014471  ET POLICY DRIVEBY Generic - EXE Download by Java;  
11,6962015/01/20 2014470  ET CURRENT_EVENTS Likely Blackhole PDF served from iframe; [1
11,6952015/01/20 2014468  ET TROJAN Win32.Datamaikon Checkin myAgent; [1
11,6942015/01/20 2014467  ET TROJAN Win32.Datamaikon Checkin NewAgent; [1
11,6932015/01/20 2014466  ET TROJAN Win32.Datamaikon Checkin;  
11,6922015/01/20 2014465  ET TROJAN DwnLdr-JMZ Downloading Binary 2; [1
11,6912015/01/20 2014464  ET TROJAN DwnLdr-JMZ Downloading Binary; [1
11,6902015/01/20 2014463  ET WEB_CLIENT Internet Explorer CTableRowCellsCollectionCacheItem.GetNext Memory Use-After-Free Attempt; [1,2
11,6892015/01/20 2014462  ET TROJAN LuckyCat/TROJ_WIMMIE Checkin; [1,2
11,6882015/01/20 2014461  ET EXPLOIT Java Atomic Reference Exploit Attempt Metasploit Specific; [1
11,6872015/01/20 2014460  ET DELETED Zeus CnC Checkin POST to Config.php; [1
11,6862015/01/20 2014459  ET P2P QVOD P2P Sharing Traffic detected (tcp);  
11,6852015/01/20 2014458  ET CURRENT_EVENTS Italian Spam Campaign;  
11,6842015/01/20 2014457  ET DELETED Blackhole Exploit Kit JAR from //Home/; [1
11,6832015/01/20 2014456  ET ACTIVEX TRENDnet TV-IP121WN UltraMJCam ActiveX Control OpenFileDlg Access Potential Remote Stack Buffer Overflow 2; [1
11,6822015/01/20 2014455  ET ACTIVEX TRENDnet TV-IP121WN UltraMJCam ActiveX Control OpenFileDlg Access Potential Remote Stack Buffer Overflow; [1
11,6812015/01/20 2014454  ET ACTIVEX Quest InTrust Annotation Objects ActiveX Control Add Access Potential Remote Code Execution 2; [1
11,6802015/01/20 2014453  ET ACTIVEX Quest InTrust Annotation Objects ActiveX Control Add Access Potential Remote Code Execution; [1
11,6792015/01/20 2014452  ET ACTIVEX Dell Webcam CrazyTalk ActiveX Control BackImage Access Potential Buffer Overflow Attempt 2; [1
11,6782015/01/20 2014451  ET ACTIVEX Dell Webcam CrazyTalk ActiveX Control BackImage Access Potential Buffer Overflow Attempt; [1
11,6772015/01/20 2014450  ET WEB_SPECIFIC_APPS WordPress Mini Mail Dashboard Widget abspath Remote File inclusion Attempt; [1
11,6762015/01/20 2014449  ET WEB_SPECIFIC_APPS Event Calendar PHP cal_year Parameter Cross Site Scripting Attempt; [1
11,6752015/01/20 2014448  ET WEB_SPECIFIC_APPS WEB-PHP Wordpress enable-latex plugin url Remote File inclusion Attempt; [1
11,6742015/01/20 2014447  ET CURRENT_EVENTS Possible Dynamic Dns Exploit Pack Java exploit;  
11,6732015/01/20 2014446  ET CURRENT_EVENTS Possible Dynamic DNS Exploit Pack Landing Page /de/sN;  
11,6722015/01/20 2014445  ET CURRENT_EVENTS Possible Dynamic DNS Exploit Pack Payload;  
11,6712015/01/20 2014444  ET CURRENT_EVENTS DRIVEBY Blackhole - Page redirecting to driveby;  
11,6702015/01/20 2014443  ET DELETED DRIVEBY Blackhole - Landing Page Recieved - applet and flowbit;  
11,6692015/01/20 2014442  ET CURRENT_EVENTS DRIVEBY Blackhole - Landing Page Requested - *.php?*=16HexCharacters in http_uri;  
11,6682015/01/20 2014441  ET CURRENT_EVENTS DRIVEBY Blackhole - Landing Page Requested - /Home/index.php;  
11,6672015/01/20 2014440  ET CURRENT_EVENTS DRIVEBY Blackhole - Payload Download - scandsk.exe;  
11,6662015/01/20 2014439  ET TROJAN IRC Bot Download http Command;  
11,6652015/01/20 2014438  ET CURRENT_EVENTS DRIVEBY Unknown - news=1 in http_cookie;  
11,6642015/01/20 2014437  ET TROJAN FakeAV Landing Page - Initializing Protection System;  
11,6632015/01/20 2014436  ET DELETED Blackhole Java Exploit request to /Pol.jar;  
11,6622015/01/20 2014435  ET TROJAN Infostealer.Banprox Proxy.pac Download;  
< 301  302  303  304  305  306  307  308  309  310 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.