시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
8,4612015/01/20 2010877  ET EXPLOIT Possible SpamAssassin Milter Plugin Remote Arbitrary Command Injection Attempt; [1,2,3
8,4602015/01/20 2010876  ET DELETED Foxit PDF Reader Buffer Overflow Attempt; [1,2
8,4592015/01/20 2010875  ET TROJAN Blackenergy Bot Checkin to C&C (2); [1
8,4582015/01/20 2010873  ET DELETED Opera User-Agent Flowbit Set; [1
8,4572015/01/20 2010872  ET TROJAN Pragma hack Detected Outbound - Likely Infected Source;  
8,4562015/01/20 2010871  ET DELETED NeoSploit Exploit Kit Java exploit drive-by host likely infected (nte); [1,2
8,4552015/01/20 2010870  ET DELETED NeoSploit Exploit Kit Java exploit drive-by host likely infected (kav); [1,2
8,4542015/01/20 2010869  ET DELETED PE EXE or DLL Windows file download (2); [1
8,4532015/01/20 2010868  ET MALWARE Incorrectly formatted User-Agent string (dashes instead of semicolons) Likely Hostile; [1
8,4522015/01/20 2010867  ET DELETED Potential FakeAV download Setup_103s1 or Setup_207 variant; [1,2
8,4512015/01/20 2010866  ET DELETED Hostile domain, NeoSploit FakeAV google.analytics.com.*.info; [1,2
8,4502015/01/20 2010865  ET WEB_SPECIFIC_APPS IBM Possible Lotus Domino readme.nsf Cross Site Scripting Attempt; [1,2
8,4492015/01/20 2010864  ET WEB_SERVER HP OpenView /OvCgi/Toolbar.exe Accept Language Heap Buffer Overflow Attempt; [1
8,4482015/01/20 2010863  ET WEB_SERVER LANDesk Command Injection Attempt; [1,2
8,4472015/01/20 2010862  ET WEB_SPECIFIC_APPS Possible APC Network Management Card Cross Site Scripting Attempt; [1
8,4462015/01/20 2010861  ET DELETED Zeus Bot Request to CnC; [1
8,4452015/01/20 2010860  ET DELETED Gh0st Trojan CnC Response; [1
8,4442015/01/20 2010859  ET DELETED Gh0st Trojan CnC; [1
8,4432015/01/20 2010857  ET WEB_SPECIFIC_APPS Joomla com_job Component id_job Parameter UPDATE SET SQL Injection Attempt; [1,2
8,4422015/01/20 2010856  ET WEB_SPECIFIC_APPS Joomla com_job Component id_job Parameter INSERT INTO SQL Injection Attempt; [1,2
8,4412015/01/20 2010855  ET WEB_SPECIFIC_APPS Joomla com_job Component id_job Parameter UNION SELECT SQL Injection Attempt; [1,2
8,4402015/01/20 2010854  ET WEB_SPECIFIC_APPS Joomla com_job Component id_job Parameter DELETE FROM SQL Injection Attempt; [1,2
8,4392015/01/20 2010853  ET WEB_SPECIFIC_APPS Joomla com_job Component id_job Parameter SELECT FROM SQL Injection Attempt; [1,2
8,4382015/01/20 2010852  ET ACTIVEX WinDVD7 IASystemInfo.DLL ActiveX ApplicationType method buffer overflow Attempt; [1,2,3
8,4372015/01/20 2010851  ET ACTIVEX Logitech VideoCall ActiveX Start method buffer overflow Attempt; [1,2,3,4
8,4362015/01/20 2010848  ET WEB_SPECIFIC_APPS Joomla morfeoshow morfeoshow.html.php Remote File Inclusion Attempt; [1,2
8,4352015/01/20 2010847  ET WEB_SPECIFIC_APPS com_if_nexus controller Parameter Remote File Inclusion Attempt; [1,2
8,4342015/01/20 2010846  ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter INSERT INTO SQL Injection Attempt; [1
8,4332015/01/20 2010845  ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter UNION SELECT SQL Injection Attempt; [1
8,4322015/01/20 2010844  ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter DELETE FROM SQL Injection Attempt; [1
8,4312015/01/20 2010843  ET WEB_SPECIFIC_APPS Joomla com_avosbilletsy Component id Parameter SELECT FROM SQL Injection Attempt; [1
8,4302015/01/20 2010842  ET WEB_SPECIFIC_APPS Joomla com_avosbillets Component id Parameter UPDATE SET SQL Injection Attempt; [1
8,4292015/01/20 2010841  ET WEB_CLIENT DX Studio Player Firefox Plug-in Command Injection Attempt; [1
8,4282015/01/20 2010840  ET ACTIVEX Viscom Software Movie Player Pro SDK ActiveX 6.8 Remote Buffer Overflow Attempt; [1,2
8,4272015/01/20 2010839  ET ACTIVEX Possible Rising Online Virus Scanner ActiveX Control Scan() Method Stack Buffer Overflow Attempt; [1,2
8,4262015/01/20 2010838  ET TROJAN WScript/VBScript XMLHTTP downloader likely malicious get?src=; [1,2
8,4252015/01/20 2010837  ET ACTIVEX Windows Defender ActiveX WriteValue method Remote Code Execution Function Call; [1,2
8,4242015/01/20 2010835  ET ACTIVEX Windows Defender ActiveX DeleteValue method Remote Code Execution Function Call; [1,2
8,4232015/01/20 2010834  ET ACTIVEX Windows Defender ActiveX DeleteValue/WriteValue method Heap Overflow Attempt; [1,2
8,4222015/01/20 2010833  ET WEB_SPECIFIC_APPS Joomla intuit component intuit.php approval Local File Inclusion Attempt; [1,2
8,4212015/01/20 2010830  ET DELETED Unknown Dropper Checkin (2); [1
8,4202015/01/20 2010829  ET DELETED Torpig CnC Report Command on port 8392; [1
8,4192015/01/20 2010828  ET DELETED Torpig CnC IP Report Command on port 8392; [1
8,4182015/01/20 2010827  ET DELETED Torpig CnC Connect on port 8392; [1
8,4172015/01/20 2010826  ET DELETED Torpig Initial CnC Connect on port 8392; [1
8,4162015/01/20 2010825  ET DELETED Torpig Ping-Pong Keepalives Inbound; [1
8,4152015/01/20 2010824  ET DELETED Torpig Ping-Pong Keepalives Outbound; [1
8,4142015/01/20 2010823  ET TROJAN Torpig Related Fake User-Agent (Apache (compatible...)); [1
8,4132015/01/20 2010822  ET TROJAN smain?scout=acxc Generic Download landing; [1,2,3
8,4122015/01/20 2010821  ET TROJAN Java Downloader likely malicious payload download src=xrun; [1,2
< 371  372  373  374  375  376  377  378  379  380 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.