시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
10,0612015/01/20 2012724  ET WEB_SPECIFIC_APPS CitusCMS filePath Parameter Remote File inclusion Attempt; [1
10,0602015/01/20 2012723  ET WEB_SPECIFIC_APPS Mambo component com_zoom Blind SQL Injection Vulnerability; [1
10,0592015/01/20 2012722  ET WEB_SPECIFIC_APPS WordPress SocialGrid Plugin default_services Cross-Site Scripting Vulnerability; [1,2
10,0582015/01/20 2012721  ET WEB_SPECIFIC_APPS LightNEasy File Manager language Parameter Local File Inclusion Attempt; [1
10,0572015/01/20 2012720  ET WEB_SPECIFIC_APPS Simploo CMS x parameter Remote PHP Code Execution Attempt; [1
10,0562015/01/20 2012719  ET WEB_SPECIFIC_APPS I-Escorts Directory country_id parameter UPDATE SET SQL Injection Attempt; [1
10,0552015/01/20 2012718  ET WEB_SPECIFIC_APPS I-Escorts Directory country_id parameter INSERT INTO SQL Injection Attempt; [1
10,0542015/01/20 2012717  ET WEB_SPECIFIC_APPS I-Escorts Directory country_id parameter UNION SELECT SQL Injection Attempt; [1
10,0532015/01/20 2012716  ET WEB_SPECIFIC_APPS I-Escorts Directory country_id parameter DELETE FROM SQL Injection Attempt; [1
10,0522015/01/20 2012715  ET WEB_SPECIFIC_APPS I-Escorts Directory country_id parameter SELECT FROM SQL Injection Attempt; [1
10,0512015/01/20 2012714  ET TROJAN FakeAV BestAntivirus2011 Download;  
10,0502015/01/20 2012713  ET TROJAN Internet Protection FakeAV checkin; [1
10,0492015/01/20 2012712  ET POLICY MS Remote Desktop Service User Login Request;  
10,0482015/01/20 2012711  ET POLICY MS Remote Desktop POS User Login Request;  
10,0472015/01/20 2012710  ET POLICY MS Terminal Server Root login;  
10,0462015/01/20 2012709  ET POLICY MS Remote Desktop Administrator Login Request;  
10,0452015/01/20 2012708  ET WEB_SERVER HTTP 414 Request URI Too Large;  
10,0442015/01/20 2012707  ET TROJAN Suspicious double Server Header;  
10,0432015/01/20 2012706  ET WEB_SPECIFIC_APPS vtiger CRM service parameter Cross Site Scripting Attempt; [1
10,0422015/01/20 2012705  ET WEB_SPECIFIC_APPS WordPress WP Publication file Parameter Local File Inclusion Attempt; [1,2
10,0412015/01/20 2012704  ET WEB_SPECIFIC_APPS Joomla mod_virtuemart_featureprod module Remote File inclusion Attempt; [1
10,0402015/01/20 2012703  ET WEB_SPECIFIC_APPS Joomla mod_virtuemart_latestprod module Remote File inclusion Attempt; [1
10,0392015/01/20 2012702  ET WEB_SPECIFIC_APPS eGroupware loaddetails.php script UPDATE SET SQL Injection Attempt; [1
10,0382015/01/20 2012701  ET WEB_SPECIFIC_APPS eGroupware loaddetails.php script INSERT INTO SQL Injection Attempt; [1
10,0372015/01/20 2012700  ET WEB_SPECIFIC_APPS eGroupware loaddetails.php script UNION SELECT SQL Injection Attempt; [1
10,0362015/01/20 2012699  ET WEB_SPECIFIC_APPS eGroupware loaddetails.php script DELETE FROM SQL Injection Attempt; [1
10,0352015/01/20 2012698  ET WEB_SPECIFIC_APPS eGroupware loaddetails.php script SELECT FROM SQL Injection Attempt; [1
10,0342015/01/20 2012697  ET WEB_SPECIFIC_APPS Joomla virtuemart Blind SQL Injection Attempt; [1
10,0332015/01/20 2012696  ET TROJAN FakeAV InstallInternetProtection Download;  
10,0322015/01/20 2012695  ET USER_AGENTS suspicious User Agent (Lotto);  
10,0312015/01/20 2012694  ET POLICY request to .xxx TLD; [1
10,0302015/01/20 2012693  ET MALWARE overtls.com adware request;  
10,0292015/01/20 2012692  ET POLICY Microsoft user-agent automated process response to automated request;  
10,0282015/01/20 2012691  ET POLICY Internal Host visiting Showmyipaddress.com - Possible Trojan;  
10,0272015/01/20 2012690  ET ATTACK_RESPONSE Windows 7 CMD Shell from Local System;  
10,0262015/01/20 2012689  ET POLICY LoJack asset recovery/tracking - not malicious; [1
10,0252015/01/20 2012688  ET DELETED Potential Blackhole Exploit Pack landing; [1
10,0242015/01/20 2012687  ET CURRENT_EVENTS Unknown Exploit Pack Binary Load Request;  
10,0232015/01/20 2012686  ET TROJAN SpyEye Checkin version 1.3.25 or later;  
10,0222015/01/20 2012685  ET DELETED Win32/CazinoSilver Download VegasVIP_setup.exe; [1
10,0212015/01/20 2012684  ET WEB_CLIENT Office File With Embedded Executable;  
10,0202015/01/20 2012683  ET EXPLOIT HP OpenView NNM snmpviewer.exe CGI Stack Buffer Overflow 2;  
10,0192015/01/20 2012682  ET EXPLOIT HP OpenView NNM snmpviewer.exe CGI Stack Buffer Overflow 1;  
10,0182015/01/20 2012681  ET WEB_SPECIFIC_APPS webEdition CMS shop_artikelid Parameter Cross Site Scripting Attempt; [1,2
10,0172015/01/20 2012680  ET WEB_SPECIFIC_APPS webEdition CMS we_transaction Parameter Cross Site Scripting Attempt; [1,2
10,0162015/01/20 2012679  ET WEB_SPECIFIC_APPS webEdition CMS edit_shop_editorFrameset.php Cross Site Scripting Attempt; [1,2
10,0152015/01/20 2012678  ET WEB_SPECIFIC_APPS webEdition CMS openBrowser.php Cross Site Scripting Attempt; [1,2
10,0142015/01/20 2012677  ET WEB_SPECIFIC_APPS Andy PHP Knowledgebase SQL Injection Attempt pdfgen.php pdfa UPDATE; [1,2
10,0132015/01/20 2012676  ET WEB_SPECIFIC_APPS Andy PHP Knowledgebase SQL Injection Attempt pdfgen.php pdfa ASCII; [1,2
10,0122015/01/20 2012675  ET WEB_SPECIFIC_APPS Andy PHP Knowledgebase SQL Injection Attempt pdfgen.php pdfa DELETE; [1,2
< 341  342  343  344  345  346  347  348  349  350 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.