시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
9,9112015/01/20 2012570  ET WEB_SPECIFIC_APPS coRED CMS rubID Parameter UPDATE SET SQL Injection Attempt; [1
9,9102015/01/20 2012569  ET WEB_SPECIFIC_APPS coRED CMS rubID Parameter INSERT INTO SQL Injection Attempt; [1
9,9092015/01/20 2012568  ET WEB_SPECIFIC_APPS coRED CMS rubID Parameter UNION SELECT SQL Injection Attempt; [1
9,9082015/01/20 2012567  ET WEB_SPECIFIC_APPS coRED CMS rubID Parameter SELECT FROM SQL Injection Attempt; [1
9,9072015/01/20 2012566  ET WEB_SPECIFIC_APPS vBulletin vbBux vbplaza.php Blind SQL Injection Attempt; [1
9,9062015/01/20 2012565  ET WEB_SPECIFIC_APPS Openfoncier blocnote.class.php script Remote File inclusion Attempt; [1
9,9052015/01/20 2012564  ET WEB_SPECIFIC_APPS Openfoncier bible.class.php script Remote File inclusion Attempt; [1
9,9042015/01/20 2012563  ET WEB_SPECIFIC_APPS Openfoncier avis.class.php script Remote File inclusion Attempt; [1
9,9032015/01/20 2012562  ET WEB_SPECIFIC_APPS Openfoncier architecte.class.php script Remote File inclusion Attempt; [1
9,9022015/01/20 2012561  ET WEB_SPECIFIC_APPS Openfoncier action.class.php script Remote File inclusion Attempt; [1
9,9012015/01/20 2012560  ET WEB_SPECIFIC_APPS Shape Web Solutions imprimir.php UPDATE SET SQL Injection Attempt; [1
9,9002015/01/20 2012559  ET WEB_SPECIFIC_APPS Shape Web Solutions imprimir.php INSERT INTO SQL Injection Attempt; [1
9,8992015/01/20 2012558  ET WEB_SPECIFIC_APPS Shape Web Solutions imprimir.php UNION SELECT SQL Injection Attempt; [1
9,8982015/01/20 2012557  ET WEB_SPECIFIC_APPS Shape Web Solutions imprimir.php DELETE FROM SQL Injection Attempt; [1
9,8972015/01/20 2012556  ET WEB_SPECIFIC_APPS Shape Web Solutions imprimir.php SELECT FROM SQL Injection Attempt; [1
9,8962015/01/20 2012555  ET USER_AGENTS Suspicious User-Agent (VMozilla); [1,2
9,8952015/01/20 2012554  ET WEB_CLIENT Known Fraudulent SSL Certificate for www.google.com;  
9,8942015/01/20 2012553  ET WEB_CLIENT Known Fraudulent SSL Certificate for mail.google.com;  
9,8932015/01/20 2012552  ET WEB_CLIENT Known Fraudulent SSL Certificate for login.yahoo.com 3;  
9,8922015/01/20 2012551  ET WEB_CLIENT Known Fraudulent SSL Certificate for login.yahoo.com 2;  
9,8912015/01/20 2012550  ET WEB_CLIENT Known Fraudulent SSL Certificate for login.yahoo.com 1;  
9,8902015/01/20 2012549  ET WEB_CLIENT Known Fraudulent SSL Certificate for login.skype.com;  
9,8892015/01/20 2012548  ET WEB_CLIENT Known Fraudulent SSL Certificate for login.live.com;  
9,8882015/01/20 2012547  ET WEB_CLIENT Known Fraudulent SSL Certificate for Global Trustee;  
9,8872015/01/20 2012546  ET WEB_CLIENT Known Fraudulent SSL Certificate for addons.mozilla.org;  
9,8862015/01/20 2012543  ET ACTIVEX RealPlayer CDDA URI Overflow Uninitialized Pointer Attempt;  
9,8852015/01/20 2012542  ET POLICY HTTP Request to a *.gv.vg domain;  
9,8842015/01/20 2012541  ET TROJAN Downloader.small Generic Checkin;  
9,8832015/01/20 2012540  ET DELETED Possible Win32 Backdoor Poison; [1
9,8822015/01/20 2012539  ET DELETED Possible Rogue Antivirus; [1
9,8812015/01/20 2012538  ET DELETED Possible Zbot Trojan; [1
9,8802015/01/20 2012537  ET DELETED Possible Zbot Trojan; [1
9,8792015/01/20 2012536  ET MALWARE Mozilla 3.0 and Indy Library User-Agent Likely Hostile;  
9,8782015/01/20 2012535  ET SHELLCODE Unescape Variable Unicode Shellcode; [1
9,8772015/01/20 2012534  ET SHELLCODE Unescape Variable %u Shellcode; [1
9,8762015/01/20 2012533  ET TROJAN Win32/Virut.BN Checkin; [1
9,8752015/01/20 2012532  ET CURRENT_EVENTS WindowsLive Imposter Site Payload Download;  
9,8742015/01/20 2012531  ET CURRENT_EVENTS WindowsLive Imposter Site blt .png;  
9,8732015/01/20 2012530  ET CURRENT_EVENTS WindowsLive Imposter Site Landing Page;  
9,8722015/01/20 2012529  ET CURRENT_EVENTS WindowsLive Imposter Site WindowsLive.png;  
9,8712015/01/20 2012528  ET CURRENT_EVENTS Download of PDF File From Chinese Content-Language Website;  
9,8702015/01/20 2012527  ET CURRENT_EVENTS Download of PDF File From Russian Content-Language Website;  
9,8692015/01/20 2012526  ET CURRENT_EVENTS Download of Microsoft Office File From Chinese Content-Language Website;  
9,8682015/01/20 2012525  ET CURRENT_EVENTS Download of Microsft Office File From Russian Content-Language Website;  
9,8672015/01/20 2012524  ET POLICY Executable Download From Chinese Content-Language Website;  
9,8662015/01/20 2012523  ET POLICY Executable Download From Russian Content-Language Website;  
9,8652015/01/20 2012522  ET POLICY DNS Query For XXX Adult Site Top Level Domain; [1,2
9,8642015/01/20 2012521  ET TROJAN Generic Win32 Banker Trojan CheckIn; [1,2
9,8632015/01/20 2012520  ET WEB_CLIENT Microsoft OLE Compound File Magic Bytes Flowbit Set;  
9,8622015/01/20 2012519  ET DELETED Microsoft Publisher Array Indexing Memory Corruption SET; [1
< 341  342  343  344  345  346  347  348  349  350 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.