시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
10,4612015/01/20 2013129  ET WEB_SPECIFIC_APPS SoftMP3 search Parameter UPDATE SET SQL Injection Attempt; [1
10,4602015/01/20 2013128  ET WEB_SPECIFIC_APPS SoftMP3 search Parameter INSERT INTO SQL Injection Attempt; [1
10,4592015/01/20 2013127  ET WEB_SPECIFIC_APPS SoftMP3 search Parameter UNION SELECT SQL Injection Attempt; [1
10,4582015/01/20 2013126  ET WEB_SPECIFIC_APPS SoftMP3 search Parameter DELETE FROM SQL Injection Attempt; [1
10,4572015/01/20 2013125  ET WEB_SPECIFIC_APPS SoftMP3 search Parameter SELECT FROM SQL Injection Attempt; [1
10,4562015/01/20 2013124  ET DNS DNS Query for Suspicious .co.be Domain;  
10,4552015/01/20 2013123  ET POLICY HTTP Request to a *.co.be domain;  
10,4542015/01/20 2013122  ET TROJAN Vilsel.ayjv Checkin (aid);  
10,4532015/01/20 2013121  ET DELETED Win32.VB.OWR Checkin; [1,2
10,4522015/01/20 2013120  ET SCADA Siemens FactoryLink 8 CSService Logging Buffer Overflow Vulnerability; [1
10,4512015/01/20 2013119  ET ACTIVEX Easewe FTP OCX ActiveX Control EaseWeFtp.ocx Remote Code Execution Attempt;  
10,4502015/01/20 2013118  ET WEB_SPECIFIC_APPS Apache Tomcat Orderby Paramter Cross Site Scripting Attempt;  
10,4492015/01/20 2013117  ET WEB_SPECIFIC_APPS Apache Tomcat Sort Paramter Cross Site Scripting Attempt;  
10,4482015/01/20 2013116  ET SCAN Potential muieblackcat scanner double-URI and HTTP library;  
10,4472015/01/20 2013115  ET WEB_SERVER Muieblackcat scanner;  
10,4462015/01/20 2013114  ET TROJAN Win32.Vilsel Checkin; [1,2
10,4452015/01/20 2013113  ET DELETED Possible CVE-2011-2110 Flash Exploit Campaign Log.txt Request; [1
10,4442015/01/20 2013112  ET WEB_SPECIFIC_APPS Apache Archive configureAppearance script Cross Site Scripting Attempt; [1
10,4432015/01/20 2013111  ET WEB_SPECIFIC_APPS Apache Archive legacyArtifactPath script Cross Site Scripting Attempt; [1
10,4422015/01/20 2013110  ET WEB_SPECIFIC_APPS Apache Archive networkProxies script Cross Site Scripting Attempt; [1
10,4412015/01/20 2013109  ET WEB_SPECIFIC_APPS Apache Archive addNetworkProxy script Cross Site Scripting Attempt; [1
10,4402015/01/20 2013108  ET WEB_SPECIFIC_APPS Apache Archive addLegacyArtifactPath.action Cross Site Scripting Attempt; [1
10,4392015/01/20 2013107  ET WEB_SPECIFIC_APPS Apache Archive editAppearance script Cross Site Scripting Attempt; [1
10,4382015/01/20 2013106  ET WEB_SPECIFIC_APPS Apache Archive confirmDeleteRepository script Cross Site Scripting Attempt; [1
10,4372015/01/20 2013105  ET WEB_SPECIFIC_APPS Apache Archive addRepository script Cross Site Scripting Attempt; [1
10,4362015/01/20 2013104  ET WEB_SPECIFIC_APPS Apache Archive deleteNetworkProxy script Cross Site Scripting Attempt; [1
10,4352015/01/20 2013103  ET WEB_SPECIFIC_APPS Apache Archive addLegacyArtifactPath script Cross Site Scripting Attempt; [1
10,4342015/01/20 2013102  ET WEB_SPECIFIC_APPS Apache Archive deleteArtifact script Cross Site Scripting Attempt; [1
10,4332015/01/20 2013101  ET WEB_SPECIFIC_APPS Apache Archive userlist script Cross Site Scripting Attempt; [1
10,4322015/01/20 2013100  ET WEB_SPECIFIC_APPS Apache Archive roleedit script Cross Site Scripting Attempt; [1
10,4312015/01/20 2013099  ET WEB_SPECIFIC_APPS Apache Archive useredit script Cross Site Scripting Attempt; [1
10,4302015/01/20 2013098  ET CURRENT_EVENTS Driveby Exploit Kit Browser Progress Checkin - Binary Likely Previously Downloaded;  
10,4292015/01/20 2013097  ET INFO DYNAMIC_DNS HTTP Request to a *.dyndns.* domain;  
10,4282015/01/20 2013096  ET INFO DYNAMIC_DNS HTTP Request to a *.dyndns-*.com domain;  
10,4272015/01/20 2013095  ET WEB_SPECIFIC_APPS Nagios Expand Parameter Cross Site Scripting Attempt;  
10,4262015/01/20 2013094  ET CURRENT_EVENTS Phoenix/Fiesta URI Requested Contains /? and hex;  
10,4252015/01/20 2013093  ET CURRENT_EVENTS Clickfraud Framework Request;  
10,4242015/01/20 2013092  ET TROJAN VBKrypt.cmtp Login to Server; [1
10,4232015/01/20 2013091  ET TROJAN Backdoor.Win32.Fynloski.A Checkin Inbound; [1,2
10,4222015/01/20 2013090  ET TROJAN Backdoor.Win32.Fynloski.A/DarkRat Checkin Outbound; [1,2,3
10,4212015/01/20 2013089  ET WEB_SPECIFIC_APPS impressCMS dhtmltextarea root_path Parameter Remote File inclusion Attempt; [1
10,4202015/01/20 2013088  ET WEB_SPECIFIC_APPS impressCMS tinymce root_path Parameter Remote File inclusion Attempt; [1
10,4192015/01/20 2013087  ET WEB_SPECIFIC_APPS impressCMS FCKeditor root_path Parameter Remote File inclusion Attempt; [1
10,4182015/01/20 2013086  ET WEB_SPECIFIC_APPS vBulletin sortorder parameter Cross Site Scripting Attempt; [1
10,4172015/01/20 2013085  ET WEB_SPECIFIC_APPS BLOG CMS nsextt parameter Cross Site Scripting Vulnerability; [1
10,4162015/01/20 2013084  ET WEB_SPECIFIC_APPS PHP link Directory sbcat_id Parameter UPDATE SET SQL Injection Attempt;  
10,4152015/01/20 2013083  ET WEB_SPECIFIC_APPS PHP link Directory sbcat_id Parameter INSERT INTO SQL Injection Attempt;  
10,4142015/01/20 2013082  ET WEB_SPECIFIC_APPS PHP link Directory sbcat_id Parameter UNION SELECT SQL Injection Attempt;  
10,4132015/01/20 2013081  ET WEB_SPECIFIC_APPS PHP link Directory sbcat_id Parameter DELETE FROM SQL Injection Attempt;  
10,4122015/01/20 2013080  ET WEB_SPECIFIC_APPS PHP link Directory sbcat_id Parameter SELECT FROM SQL Injection Attempt;  
< 331  332  333  334  335  336  337  338  339  340 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.