시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
10,8112015/01/20 2013489  ET TROJAN Best Pack Exploit Pack Binary Load Request; [1
10,8102015/01/20 2013488  ET TROJAN Zeus Bot GET to Bing checking Internet connectivity; [1,2
10,8092015/01/20 2013487  ET CURRENT_EVENTS Likely Generic Java Exploit Attempt Request for Java to decimal host; [1
10,8082015/01/20 2013486  ET CURRENT_EVENTS Phoenix landing page JAVASMB;  
10,8072015/01/20 2013485  ET CURRENT_EVENTS Phoenix Java MIDI Exploit Received;  
10,8062015/01/20 2013484  ET CURRENT_EVENTS Phoenix Java MIDI Exploit Received By Vulnerable Client;  
10,8052015/01/20 2013483  ET TROJAN DNS query for Morto RDP worm related domain jifr.co.cc; [1
10,8042015/01/20 2013482  ET TROJAN DNS query for Morto RDP worm related domain jaifr.net; [1
10,8032015/01/20 2013481  ET TROJAN DNS query for Morto RDP worm related domain jaifr.com; [1
10,8022015/01/20 2013480  ET TROJAN DNS query for Morto RDP worm related domain qfsl.net; [1
10,8012015/01/20 2013479  ET SCAN Behavioral Unusually fast Terminal Server Traffic, Potential Scan or Infection (Outbound); [1
10,8002015/01/20 2013478  ET POLICY SUSPICIOUS *.pdf.exe in HTTP HEADER;  
10,7992015/01/20 2013477  ET POLICY SUSPICIOUS *.doc.exe in HTTP HEADER;  
10,7982015/01/20 2013476  ET POLICY SUSPICIOUS *.pdf.exe in HTTP URL;  
10,7972015/01/20 2013475  ET POLICY SUSPICIOUS *.doc.exe in HTTP URL;  
10,7962015/01/20 2013474  ET CURRENT_EVENTS DRIVEBY ACH - Redirection;  
10,7952015/01/20 2013473  ET SCAN Apache mod_deflate DoS via many multiple byte Range values; [1
10,7942015/01/20 2013472  ET SCAN Kingcope KillApache.pl Apache mod_deflate DoS attempt; [1
10,7932015/01/20 2013471  ET WEB_SPECIFIC_APPS Joomla Community component userid parameter UPDATE SET SQL Injection Attempt; [1
10,7922015/01/20 2013470  ET WEB_SPECIFIC_APPS Joomla Community component userid parameter INSERT INTO SQL Injection Attempt; [1
10,7912015/01/20 2013469  ET WEB_SPECIFIC_APPS Joomla Community component userid parameter UNION SELECT SQL Injection Attempt; [1
10,7902015/01/20 2013468  ET WEB_SPECIFIC_APPS Joomla Community component userid parameter DELETE FROM SQL Injection Attempt; [1
10,7892015/01/20 2013467  ET WEB_SPECIFIC_APPS Joomla Community component userid parameter SELECT FROM SQL Injection Attempt; [1
10,7882015/01/20 2013466  ET WEB_SPECIFIC_APPS DiY-CMS lang Parameter Remote File inclusion Attempt; [1
10,7872015/01/20 2013465  ET WEB_SPECIFIC_APPS EasySiteEdit langval Parameter Remote File inclusion Attempt; [1
10,7862015/01/20 2013464  ET WEB_SPECIFIC_APPS WordPress UnGallery pic Parameter Local File Inclusion Attempt; [1
10,7852015/01/20 2013463  ET DOS Skype FindCountriesByNamePattern property Buffer Overflow Attempt Format String Function Call; [1
10,7842015/01/20 2013462  ET DOS Skype FindCountriesByNamePattern property Buffer Overflow Attempt; [1
10,7832015/01/20 2013461  ET TROJAN Win32/Wizpop Initial Checkin; [1
10,7822015/01/20 2013460  ET INFO HTTP Request to a *.c0m.li domain;  
10,7812015/01/20 2013459  ET POLICY Facebook Like Button Clicked (2); [1,2
10,7802015/01/20 2013458  ET POLICY Facebook Like Button Clicked (1); [1,2
10,7792015/01/20 2013457  ET POLICY BitCoin User-Agent Likely Bitcoin Miner; [1
10,7782015/01/20 2013456  ET TROJAN Win32/VB.HV Checkin; [1
10,7772015/01/20 2013455  ET TROJAN Suspicious User-Agent (GUIDTracker); [1
10,7762015/01/20 2013454  ET POLICY CNET TechTracker Software Manager request; [1
10,7752015/01/20 2013453  ET POLICY CNET Custom Installer Possible Bundled Bloatware; [1
10,7742015/01/20 2013452  ET MALWARE Suspicious User-Agent (go-diva); [1
10,7732015/01/20 2013451  ET TROJAN NgrBot IRC CnC Channel Join; [1
10,7722015/01/20 2013450  ET TROJAN Troxen Downloader Checkin; [1
10,7712015/01/20 2013449  ET DELETED W32/Rbot User-Agent (tiehttp);  
10,7702015/01/20 2013448  ET MALWARE SurfSideKick Activity (iinfo);  
10,7692015/01/20 2013447  ET TROJAN Win32/TrojanDownloader.Chekafe.D Initial Checkin;  
10,7682015/01/20 2013446  ET TROJAN Win32/TrojanDownloader.Chekafe.D User-Agent my_check_data On Off HTTP Port;  
10,7672015/01/20 2013445  ET TROJAN W32/NetShare User-Agent;  
10,7662015/01/20 2013444  ET TROJAN Win32/Onescan FraudWare User-Agent;  
10,7652015/01/20 2013443  ET TROJAN W32/Mnless Checkin;  
10,7642015/01/20 2013442  ET DELETED EXE Download When Server Claims To Send Audio File - DOS Mode;  
10,7632015/01/20 2013441  ET TROJAN EXE Download When Server Claims To Send Audio File - Must Be Win32;  
10,7622015/01/20 2013440  ET TROJAN W32/DirtJumper CnC Server Providing DDOS Targets; [1
< 321  322  323  324  325  326  327  328  329  330 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.