시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
9,2112015/01/20 2011844  ET WEB_SPECIFIC_APPS Joomla com_rwcards mosConfig_absolute_path Remote File Inclusion Attempt; [1
9,2102015/01/20 2011843  ET WEB_SPECIFIC_APPS BaconMap updatelist.php filepath Local File Inclusion Attempt; [1
9,2092015/01/20 2011842  ET WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter INSERT INTO SQL Injection Attempt; [1
9,2082015/01/20 2011841  ET WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UPDATE SET SQL Injection Attempt; [1
9,2072015/01/20 2011840  ET WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter UNION SELECT SQL Injection Attempt; [1
9,2062015/01/20 2011839  ET WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter DELETE FROM SQL Injection Attempt; [1
9,2052015/01/20 2011838  ET WEB_SPECIFIC_APPS PHP-Fusion mguser fotoalbum album_id Parameter SELECT FROM SQL Injection Attempt; [1
9,2042015/01/20 2011837  ET WEB_SPECIFIC_APPS A6MamboHelpDesk Admin.a6mambohelpdesk.php Remote File inclusion Attempt;  
9,2032015/01/20 2011836  ET WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter INSERT INTO SQL Injection Attempt; [1
9,2022015/01/20 2011835  ET WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UPDATE SET SQL Injection Attempt; [1
9,2012015/01/20 2011834  ET WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter UNION SELECT SQL Injection Attempt; [1
9,2002015/01/20 2011833  ET WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter DELETE FROM SQL Injection Attempt; [1
9,1992015/01/20 2011832  ET WEB_SPECIFIC_APPS OvBB admincp.php smilieid Parameter SELECT FROM SQL Injection Attempt; [1
9,1982015/01/20 2011831  ET WEB_SPECIFIC_APPS CMS Board site_path Parameter Remote File Inclusion Attempt; [1
9,1972015/01/20 2011830  ET WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(2); [1
9,1962015/01/20 2011829  ET WEB_SPECIFIC_APPS MyOWNspace getfeed.php file Parameter Local File Inclusion Attempt(1); [1
9,1952015/01/20 2011828  ET WEB_SPECIFIC_APPS 724CMS section.php Module Parameter Local File inclusion Attempt; [1
9,1942015/01/20 2011827  ET TROJAN Xilcter/Zeus related malware dropper reporting in;  
9,1932015/01/20 2011826  ET DELETED Pre Projects E-Smart Cart login.asp Arbitrary SQL Command Injection Attempt; [1,2
9,1922015/01/20 2011825  ET TROJAN MUROFET/Licat Trojan; [1
9,1912015/01/20 2011824  ET DOS User-Agent used in known DDoS Attacks Detected inbound 2; [1
9,1902015/01/20 2011823  ET DOS User-Agent used in known DDoS Attacks Detected outbound 2; [1
9,1892015/01/20 2011822  ET DOS User-Agent used in known DDoS Attacks Detected inbound; [1
9,1882015/01/20 2011821  ET DOS User-Agent used in known DDoS Attacks Detected outbound; [1
9,1872015/01/20 2011820  ET TROJAN Fake AV CnC Checkin cycle_report; [1
9,1862015/01/20 2011819  ET POLICY Zero Content-Length HTTP POST with data (outbound);  
9,1852015/01/20 2011818  ET DELETED Zeus http client library detected;  
9,1842015/01/20 2011817  ET DELETED Zeus GET Request to CnC;  
9,1832015/01/20 2011816  ET DELETED Zeus POST Request to CnC; [1,2
9,1822015/01/20 2011815  ET DELETED SEO Exploit Kit - client exploited by Acrobat;  
9,1812015/01/20 2011814  ET DELETED SEO Exploit Kit - client exploited by SMB;  
9,1802015/01/20 2011813  ET CURRENT_EVENTS SEO Exploit Kit - client exploited;  
9,1792015/01/20 2011812  ET CURRENT_EVENTS SEO Exploit Kit - Landing Page;  
9,1782015/01/20 2011811  ET DELETED ZeuS http client library detected;  
9,1772015/01/20 2011810  ET DELETED MALVERTISING redirect to eleonore exploit kit;  
9,1762015/01/20 2011809  ET SCAN Inspathx Path Disclosure Scan; [1,2
9,1752015/01/20 2011808  ET SCAN Inspathx Path Disclosure Scanner User-Agent Detected; [1,2
9,1742015/01/20 2011807  ET WEB_SERVER WebResource.axd access without t (time) parameter - possible ASP padding-oracle exploit; [1,2
9,1732015/01/20 2011806  ET WEB_SERVER ScriptResource.axd access without t (time) parameter - possible ASP padding-oracle exploit; [1,2
9,1722015/01/20 2011804  ET SHELLCODE Possible UDP x86 JMP to CALL Shellcode Detected; [1
9,1712015/01/20 2011803  ET SHELLCODE Possible TCP x86 JMP to CALL Shellcode Detected; [1
9,1702015/01/20 2011802  ET DNS DNS Lookup for localhost.DOMAIN.TLD;  
9,1692015/01/20 2011801  ET ACTIVEX AoA Audio Extractor ActiveX Control Buffer Overflow Attempt; [1,2
9,1682015/01/20 2011800  ET POLICY Abnormal User-Agent No space after colon - Likely Hostile;  
9,1672015/01/20 2011799  ET TROJAN Carberp checkin task; [1,2,3,4,5,6,7,8
9,1662015/01/20 2011798  ET TROJAN carberp check in;  
9,1652015/01/20 2011797  ET CURRENT_EVENTS Driveby Bredolab - client exploited by acrobat;  
9,1642015/01/20 2011796  ET DELETED Driveby Bredolab - landing page;  
9,1632015/01/20 2011795  ET DELETED Driveby Bredolab - client requesting java exploit;  
9,1622015/01/20 2011794  ET WEB_SPECIFIC_APPS iScripts MultiCart orderid Parameter DELETE FROM SQL Injection Attempt;  
< 351  352  353  354  355  356  357  358  359  360 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.