시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
8,1612015/01/20 2010549  ET WEB_SPECIFIC_APPS Barracuda Web Application Firewall 600 XSS attempt (backup_path); [1,2
8,1602015/01/20 2010548  ET WEB_SPECIFIC_APPS Barracuda Web Application Firewall 600 XSS attempt (backup_server); [1,2
8,1592015/01/20 2010547  ET WEB_SPECIFIC_APPS Barracuda Web Application Firewall 600 XSS attempt (backup_username); [1,2
8,1582015/01/20 2010546  ET EXPLOIT HP Open View Data Protector Buffer Overflow Attempt; [1,2
8,1572015/01/20 2010544  ET WEB_SPECIFIC_APPS F3Site2009 LFI Exploit Attempt (new.php); [1,2
8,1562015/01/20 2010543  ET WEB_SPECIFIC_APPS F3Site2009 LFI Exploit Attempt (poll.php); [1,2
8,1552015/01/20 2010542  ET WEB_SPECIFIC_APPS Joomla Component com_joomportfolio (secid) Blind SQL Injection Attempt; [1,2
8,1542015/01/20 2010541  ET WEB_SPECIFIC_APPS Joomla Component com_personel (id) Blind SQL Injection Attempt; [1,2
8,1532015/01/20 2010540  ET WEB_SPECIFIC_APPS Joomla Component com_jbook (Itemid) Blind SQL Injection Attempt; [1,2
8,1522015/01/20 2010539  ET WEB_SPECIFIC_APPS Joomla Component com_digistore (pid) Blind SQL Injection Attempt; [1,2
8,1512015/01/20 2010538  ET WEB_SPECIFIC_APPS Joomla Component com_acmis (Itemid) SQL Injection Attempt; [1,2
8,1502015/01/20 2010537  ET WEB_SPECIFIC_APPS Joomla Component com_zcalendar (eid) Blind SQL Injection Attempt; [1,2
8,1492015/01/20 2010536  ET WEB_SPECIFIC_APPS Joomla Component Event Manager 1.5 (id) Blind SQL Injection Attempt; [1,2
8,1482015/01/20 2010535  ET WEB_SPECIFIC_APPS Joomla Component City Portal (Itemid) Blind SQL Injection Attempt; [1,2
8,1472015/01/20 2010534  ET DELETED Malwareurl.com - potential oficla download (loadjavad.php); [1,2
8,1462015/01/20 2010532  ET DELETED Malwareurl.com - potential oficla download (annonce.pdf); [1,2
8,1452015/01/20 2010531  ET DELETED Possible PHP-Calendar configfile Remote .PHP File Inclusion Arbitrary Code Execution Attempt; [1,2
8,1442015/01/20 2010530  ET WEB_SPECIFIC_APPS Loggix Project RFI Attempt; [1,2
8,1432015/01/20 2010529  ET WEB_SPECIFIC_APPS Joomla component com_jinc (newsid) Blind SQL Injection Attempt; [1,2
8,1422015/01/20 2010528  ET WEB_SPECIFIC_APPS Joomla MyRemote Video Gallery (user_id) Blind SQL Injection Attempt; [1,2
8,1412015/01/20 2010527  ET WEB_CLIENT Possible HTTP 503 XSS Attempt (External Source); [1
8,1402015/01/20 2010526  ET WEB_SERVER Possible HTTP 503 XSS Attempt (Internal Source); [1
8,1392015/01/20 2010525  ET WEB_CLIENT Possible HTTP 500 XSS Attempt (External Source); [1
8,1382015/01/20 2010524  ET WEB_SERVER Possible HTTP 500 XSS Attempt (Internal Source); [1
8,1372015/01/20 2010522  ET WEB_CLIENT Possible HTTP 406 XSS Attempt (External Source); [1
8,1362015/01/20 2010521  ET WEB_SERVER Possible HTTP 406 XSS Attempt (Local Source); [1
8,1352015/01/20 2010520  ET WEB_CLIENT Possible HTTP 405 XSS Attempt (External Source); [1
8,1342015/01/20 2010519  ET WEB_SERVER Possible HTTP 405 XSS Attempt (Local Source); [1
8,1332015/01/20 2010518  ET WEB_CLIENT Possible HTTP 404 XSS Attempt (External Source); [1
8,1322015/01/20 2010517  ET WEB_SERVER Possible HTTP 404 XSS Attempt (Local Source); [1
8,1312015/01/20 2010516  ET WEB_CLIENT Possible HTTP 403 XSS Attempt (External Source); [1
8,1302015/01/20 2010515  ET WEB_SERVER Possible HTTP 403 XSS Attempt (Local Source); [1
8,1292015/01/20 2010514  ET WEB_CLIENT Possible HTTP 401 XSS Attempt (External Source); [1
8,1282015/01/20 2010513  ET WEB_SERVER Possible HTTP 401 XSS Attempt (Local Source); [1
8,1272015/01/20 2010512  ET TROJAN FakeAV FakeSmoke HTTP POST check-in; [1,2
8,1262015/01/20 2010511  ET WEB_SPECIFIC_APPS Sonicwall Global Management System XSS attempt (scrn_name parameter); [1,2
8,1252015/01/20 2010510  ET WEB_SPECIFIC_APPS Possible OSSIM uniqueid Parameter Remote Command Execution Attempt; [1,2
8,1242015/01/20 2010509  ET WEB_SPECIFIC_APPS Sonicwall NSA E7500 XSS attempt (fwReg parameter); [1,2
8,1232015/01/20 2010508  ET SCAN Springenwerk XSS Scanner User-Agent Detected; [1,2
8,1222015/01/20 2010507  ET WEB_SPECIFIC_APPS Possible APC Switched Rack PDU Web Administration Interface Cross Site Scripting Attempt; [1,2
8,1212015/01/20 2010506  ET WEB_SPECIFIC_APPS Cisco BBSM Captive Portal AccesCodeStart.asp Cross-Site Scripting Attempt; [1,2
8,1202015/01/20 2010505  ET WEB_SPECIFIC_APPS Cisco Adaptive Security Appliance WebVPN Cross Site Scripting Attempt; [1,2,3
8,1192015/01/20 2010501  ET MALWARE Executable purporting to be .cfg file with no Referer - Likely Malware; [1,2
8,1182015/01/20 2010500  ET MALWARE Executable purporting to be .txt file with no Referer - Likely Malware; [1,2
8,1172015/01/20 2010498  ET DELETED Facebook Spam Inbound (2); [1
8,1162015/01/20 2010497  ET DELETED Facebook Spam Inbound (1); [1,2
8,1152015/01/20 2010496  ET DELETED Adobe 0day Shovelware; [1,2
8,1142015/01/20 2010495  ET WEB_CLIENT Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt; [1,2
8,1132015/01/20 2010494  ET SCAN Multiple MySQL Login Failures, Possible Brute Force Attempt; [1
8,1122015/01/20 2010493  ET SCAN Non-Allowed Host Tried to Connect to MySQL Server; [1,2
< 371  372  373  374  375  376  377  378  379  380 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.