시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
10,3612015/01/20 2013029  ET DELETED Java User Agent; [1
10,3602015/01/20 2013028  ET POLICY curl User-Agent Outbound; [1
10,3592015/01/20 2013027  ET CURRENT_EVENTS Java/PDF Exploit kit initial landing;  
10,3582015/01/20 2013026  ET TROJAN Secure-Soft.Stealer Checkin; [1,2
10,3572015/01/20 2013025  ET CURRENT_EVENTS Java/PDF Exploit kit from /Home/games/ initial landing;  
10,3562015/01/20 2013024  ET CURRENT_EVENTS Exploit kit mario.jar;  
10,3552015/01/20 2013023  ET MOBILE_MALWARE DNS Query for gongfu-android.com DroidKungFu CnC Server; [1,2,3
10,3542015/01/20 2013022  ET MOBILE_MALWARE DroidKungFu Checkin 2; [1,2,3
10,3532015/01/20 2013021  ET MOBILE_MALWARE Possible Post of Infected Mobile Device Location Information;  
10,3522015/01/20 2013020  ET MOBILE_MALWARE DroidKungFu Checkin; [1,2,3
10,3512015/01/20 2013019  ET MOBILE_MALWARE Iphone iKee.B Checkin; [1
10,3502015/01/20 2013018  ET POLICY HTMLGET User Agent Detected - Often Linux utility based; [1
10,3492015/01/20 2013017  ET TROJAN Known Malicious User-Agent (x) Win32/Tracur.A or OneStep Adware Related; [1,2
10,3482015/01/20 2013016  ET DNS DNS Query for Illegal Drug Sales Site (SilkRoad);  
10,3472015/01/20 2013015  ET POLICY HTTP Request to Illegal Drug Sales Site (SilkRoad);  
10,3462015/01/20 2013014  ET WEB_SERVER PHP Possible zlib Remote File Inclusion Attempt; [1
10,3452015/01/20 2013013  ET POLICY StumbleUpon Submission Detected;  
10,3442015/01/20 2013012  ET DELETED MALVERTISING SL_*_0000 JavaScript redirect;  
10,3432015/01/20 2013011  ET CURRENT_EVENTS Malicious PHP 302 redirect response with avtor URI and cookie;  
10,3422015/01/20 2013010  ET CURRENT_EVENTS Request to malicious info.php drive-by landing;  
10,3412015/01/20 2013009  ET WEB_SERVER PHP Possible expect Remote File Inclusion Attempt; [1
10,3402015/01/20 2013008  ET WEB_SERVER PHP Possible ogg Remote File Inclusion Attempt; [1
10,3392015/01/20 2013007  ET WEB_SERVER PHP Possible rar Remote File Inclusion Attempt; [1
10,3382015/01/20 2013006  ET WEB_SERVER PHP Possible ssh2 Remote File Inclusion Attempt; [1
10,3372015/01/20 2013005  ET WEB_SERVER PHP Possible phar Remote File Inclusion Attempt; [1
10,3362015/01/20 2013004  ET WEB_SERVER PHP Possible glob Remote File Inclusion Attempt; [1
10,3352015/01/20 2013003  ET WEB_SERVER PHP Possible data Remote File Inclusion Attempt; [1
10,3342015/01/20 2013002  ET WEB_SERVER PHP Possible file Remote File Inclusion Attempt; [1
10,3332015/01/20 2013001  ET WEB_SERVER PHP Possible php Remote File Inclusion Attempt; [1
10,3322015/01/20 2013000  ET WEB_SERVER PHP Possible ftps Local File Inclusion Attempt; [1
10,3312015/01/20 2012999  ET WEB_SERVER PHP Possible ftp Remote File Inclusion Attempt; [1
10,3302015/01/20 2012998  ET WEB_SERVER PHP Possible https Local File Inclusion Attempt; [1
10,3292015/01/20 2012997  ET WEB_SERVER PHP Possible http Remote File Inclusion Attempt; [1
10,3282015/01/20 2012996  ET WEB_SPECIFIC_APPS AWStats Totals sort parameter Remote Code Execution Attempt; [1
10,3272015/01/20 2012995  ET WEB_SPECIFIC_APPS People Joomla Component controller Parameter Local File Inclusion Vulnerability; [1
10,3262015/01/20 2012994  ET WEB_SPECIFIC_APPS PEAR_PHPDIR Parameter Remote File inclusion Attempt; [1
10,3252015/01/20 2012993  ET WEB_SPECIFIC_APPS PEAR include_path Parameter Remote File inclusion Attempt; [1
10,3242015/01/20 2012992  ET WEB_SPECIFIC_APPS Nakid CMS CKEditorFuncNum parameter Cross Site Scripting Attempt; [1
10,3232015/01/20 2012991  ET WEB_SPECIFIC_APPS TEDE Simplificado processaPesquisa.php script UPDATE SET SQL Injection Attempt; [1
10,3222015/01/20 2012990  ET WEB_SPECIFIC_APPS TEDE Simplificado processaPesquisa.php script INSERT INTO SQL Injection Attempt; [1
10,3212015/01/20 2012989  ET WEB_SPECIFIC_APPS TEDE Simplificado processaPesquisa.php script UNION SELECT SQL Injection Attempt; [1
10,3202015/01/20 2012988  ET WEB_SPECIFIC_APPS TEDE Simplificado processaPesquisa.php script DELETE FROM SQL Injection Attempt; [1
10,3192015/01/20 2012987  ET WEB_SPECIFIC_APPS TEDE Simplificado processaPesquisa.php script SELECT FROM SQL Injection Attempt; [1
10,3182015/01/20 2012986  ET SMTP Robtex.com Block Message;  
10,3172015/01/20 2012985  ET SMTP Sorbs.net Block Message;  
10,3162015/01/20 2012984  ET SMTP Sophos.com Block Message;  
10,3152015/01/20 2012983  ET SMTP Spamcop.net Block Message;  
10,3142015/01/20 2012982  ET SMTP Abuseat.org Block Message;  
10,3132015/01/20 2012981  ET TROJAN Possible FakeAV Binary Download (Security);  
10,3122015/01/20 2012980  ET WEB_SPECIFIC_APPS ZOHO ManageEngine ADSelfService Employee Search XSS Attempt; [1
< 331  332  333  334  335  336  337  338  339  340 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.