시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
10,6612015/01/20 2013337  ET TROJAN PoisonIvy.E Keepalive to CnC; [1
10,6602015/01/20 2013336  ET POLICY SSL MiTM Vulnerable iOS 4.x CDMA iPhone device; [1,2,3
10,6592015/01/20 2013335  ET DELETED SSL MiTM Vulnerable or EOL iOS 4.x device; [1,2,3
10,6582015/01/20 2013334  ET DELETED SSL MiTM Vulnerable or EOL iOS 3.x device; [1,2,3
10,6572015/01/20 2013333  ET MALWARE Zugo.com SearchToolbar User-Agent (SearchToolbar); [1,2
10,6562015/01/20 2013332  ET TROJAN FakeAV Landing Page; [1
10,6552015/01/20 2013331  ET TROJAN Ruskill Reporting on Local Scans;  
10,6542015/01/20 2013330  ET TROJAN Ruskill CnC Download Command 2;  
10,6532015/01/20 2013329  ET TROJAN Ruskill CnC Download Command 1;  
10,6522015/01/20 2013328  ET CURRENT_EVENTS DNS Query for Known Hostile Domain gooqlepics com; [1
10,6512015/01/20 2013327  ET MOBILE_MALWARE Android.Zitmo Forwarding SMS Message to CnC Server; [1
10,6502015/01/20 2013326  ET DELETED Dictcn Trojan Downloader Node Server Type;  
10,6492015/01/20 2013325  ET DELETED Dictcn Trojan Downloader Receiving XML Format Node ID File From CnC Server;  
10,6482015/01/20 2013324  ET DELETED Dictcn Trojan Downloader Receiving XML Format Update File From CnC Server;  
10,6472015/01/20 2013323  ET DELETED Dictcn Trojan Downloader Update Check to CnC;  
10,6462015/01/20 2013322  ET WEB_CLIENT Microsoft Visio 2003 mfc71enu.dll DLL Loading Arbitrary Code Execution Attempt; [1,2
10,6452015/01/20 2013321  ET WEB_CLIENT Internet Explorer toStaticHTML HTML Sanitizing Information Disclosure Attempt;  
10,6442015/01/20 2013320  ET SHELLCODE Unicode UTF-16 Heap Spray Attempt;  
10,6432015/01/20 2013319  ET SHELLCODE Unicode UTF-8 Heap Spray Attempt;  
10,6422015/01/20 2013318  ET TROJAN Google Warning Infected Local User;  
10,6412015/01/20 2013317  ET MOBILE_MALWARE Android.AdSms XML File From CnC Server; [1
10,6402015/01/20 2013316  ET MOBILE_MALWARE Android.AdSms Retrieving XML File from CnC Server; [1
10,6392015/01/20 2013315  ET TROJAN Suspicious User-Agent (Agent and 5 or 6 digits);  
10,6382015/01/20 2013314  ET TROJAN Phoenix Landing Page Obfuscated Javascript 2;  
10,6372015/01/20 2013313  ET TROJAN Obfuscated Javascript Often Used in the Blackhole Exploit Kit 3;  
10,6362015/01/20 2013312  ET TROJAN Possible Ponmocup Driveby Download; [1
10,6352015/01/20 2013311  ET POLICY HTTP Request to a *.dlinkddns.com domain;  
10,6342015/01/20 2013310  ET WEB_SPECIFIC_APPS WordPress PHP Speedy Plugin title parameter Cross Site Scripting Attempt; [1
10,6332015/01/20 2013309  ET WEB_SPECIFIC_APPS WordPress PHP Speedy Plugin page Parameter Local File Inclusion Attempt; [1
10,6322015/01/20 2013308  ET WEB_SPECIFIC_APPS WordPress PHP Speedy Plugin page Parameter Remote File inclusion Attempt; [1
10,6312015/01/20 2013307  ET WEB_SPECIFIC_APPS Nuke Evolution Xtreme pid Parameter UPDATE SET SQL Injection Attempt; [1
10,6302015/01/20 2013306  ET WEB_SPECIFIC_APPS Nuke Evolution Xtreme pid Parameter INSERT INTO SQL Injection Attempt; [1
10,6292015/01/20 2013305  ET WEB_SPECIFIC_APPS Nuke Evolution Xtreme pid Parameter UNION SELECT SQL Injection Attempt; [1
10,6282015/01/20 2013304  ET WEB_SPECIFIC_APPS Nuke Evolution Xtreme pid Parameter DELETE FROM SQL Injection Attempt; [1
10,6272015/01/20 2013303  ET WEB_SPECIFIC_APPS Nuke Evolution Xtreme pid Parameter SELECT FROM SQL Injection Attempt; [1
10,6262015/01/20 2013300  ET POLICY DivX Client SSL Connection via Self-Signed SSL Cert;  
10,6252015/01/20 2013299  ET MOBILE_MALWARE Android/HippoSms Method Request to CnC; [1
10,6242015/01/20 2013298  ET POLICY Nessus Server SSL certificate detected;  
10,6232015/01/20 2013297  ET POLICY Free SSL Certificate (StartCom Free Certificate Member);  
10,6222015/01/20 2013296  ET POLICY Free SSL Certificate Provider (StartCom Class 1 Primary Intermediate Server CA);  
10,6212015/01/20 2013295  ET POLICY Self Signed SSL Certificate (Snake Oil CA);  
10,6202015/01/20 2013294  ET POLICY Self Signed SSL Certificate (Persona Not Validated);  
10,6192015/01/20 2013293  ET TROJAN Win32/Glupteba CnC Checkin; [1
10,6182015/01/20 2013292  ET TROJAN Win32/Cycbot Initial Checkin to CnC; [1
10,6172015/01/20 2013291  ET TROJAN Win32/Cycbot Pay-Per-Install Executable Download; [1
10,6162015/01/20 2013290  ET POLICY MOBILE Apple device leaking UDID from SpringBoard via GET; [1,2
10,6152015/01/20 2013289  ET POLICY MOBILE Apple device leaking UDID from SpringBoard; [1,2
10,6142015/01/20 2013288  ET EXPLOIT HP OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow Attempt; [1
10,6132015/01/20 2013287  ET TROJAN Papras Banking Trojan Checkin; [1
10,6122015/01/20 2013286  ET TROJAN Win32.Jadtre Retrieving Cfg File;  
< 321  322  323  324  325  326  327  328  329  330 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.