시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
1,4112015/01/20 2003105  ET ACTIVEX Microsoft Multimedia Controls - ActiveX control's KeyFrame function call Object; [1,2
1,4102015/01/20 2003104  ET DELETED Microsoft Multimedia Controls - ActiveX control's KeyFrame function call CSLID; [1,2
1,4092015/01/20 2003103  ET ACTIVEX Microsoft Multimedia Controls - ActiveX control's spline function call Object; [1,2
1,4082015/01/20 2003102  ET ACTIVEX Microsoft Multimedia Controls - ActiveX control's spline function call CLSID; [1,2
1,4072015/01/20 2003099  ET WEB_SERVER Poison Null Byte; [1,2
1,4062015/01/20 2003097  ET DELETED Possible Image Spam Inbound (complex rule); [1
1,4052015/01/20 2003096  ET DELETED Possible Image Spam Inbound (simple rule); [1
1,4042015/01/20 2003095  ET DELETED (UPX) VMM Detecting Torpig/Anserin/Sinowal Trojan; [1
1,4032015/01/20 2003094  ET DELETED VMM Detecting Torpig/Anserin/Sinowal Trojan; [1
1,4022015/01/20 2003092  ET DELETED Gmail gtalk; [1
1,4012015/01/20 2003089  ET GAMES STEAM Connection (v2); [1
1,4002015/01/20 2003087  ET WEB_SERVER Barracuda Spam Firewall preview_email.cgi Remote Directory Traversal Attempt; [1
1,3992015/01/20 2003086  ET WEB_SERVER Barracuda Spam Firewall preview_email.cgi Remote Command Execution; [1
1,3982015/01/20 2003085  ET WEB_SPECIFIC_APPS TWiki Configure Script TYPEOF Remote Command Execution Attempt; [1
1,3972015/01/20 2003084  ET MALWARE TROJAN_VB Microjoin; [1,2
1,3962015/01/20 2003083  ET TROJAN Dialer; [1,2
1,3952015/01/20 2003082  ET NETBIOS NETBIOS SMB-DS DCERPC NetrpPathCanonicalize request (possible MS06-040); [1,2
1,3942015/01/20 2003081  ET NETBIOS NETBIOS SMB DCERPC NetrpPathCanonicalize request (possible MS06-040); [1,2
1,3932015/01/20 2003076  ET MALWARE Content-loader.com (ownusa.info) Spyware Install; [1
1,3922015/01/20 2003075  ET MALWARE Content-loader.com Spyware Install 2; [1
1,3912015/01/20 2003074  ET MALWARE Content-loader.com Spyware Install; [1
1,3902015/01/20 2003073  ET DELETED ICMP Banking Trojan sending encrypted stolen data; [1,2
1,3892015/01/20 2003072  ET EXPLOIT Linksys WRT54g Authentication Bypass Attempt; [1,2
1,3882015/01/20 2003071  ET ATTACK_RESPONSE Possible /etc/passwd via HTTP (BSD style); [1
1,3872015/01/20 2003070  ET DELETED Korgo.U Reporting; [1,2
1,3862015/01/20 2003069  ET DELETED Anonymous Proxy Traffic from Inside; [1
1,3852015/01/20 2003068  ET SCAN Potential SSH Scan OUTBOUND; [1,2
1,3842015/01/20 2003067  ET EXPLOIT DOS Microsoft Windows SRV.SYS MAILSLOT; [1,2,3
1,3832015/01/20 2003066  ET TROJAN Torpig Reporting User Activity (wur8); [1,2
1,3822015/01/20 2003065  ET DELETED Cisco-MARS/JBoss Remote Command Execution; [1
1,3812015/01/20 2003064  ET DELETED Cisco-MARS/JBoss jmx-console POST; [1
1,3802015/01/20 2003063  ET DELETED WebAttacker RootLauncher; [1
1,3792015/01/20 2003062  ET USER_AGENTS 180 Solutions (Zango Installer) User Agent; [1
1,3782015/01/20 2003061  ET MALWARE 180solutions (Zango) Spyware Event Activity Post; [1,2
1,3772015/01/20 2003060  ET MALWARE 180solutions (Zango) Spyware Local Stats Post; [1,2
1,3762015/01/20 2003059  ET MALWARE 180solutions (Zango) Spyware TB Installer Download; [1,2
1,3752015/01/20 2003058  ET MALWARE 180solutions (Zango) Spyware Installer Download; [1,2
1,3742015/01/20 2003057  ET MALWARE 180solutions Spyware Actionlibs Download; [1,2
1,3732015/01/20 2003056  ET WEB_SPECIFIC_APPS EiQNetworks Security Analyzer Buffer Overflow; [1,2
1,3722015/01/20 2003055  ET MALWARE Suspicious FTP 220 Banner on Local Port (-); [1
1,3712015/01/20 2003048  ET POLICY Proxy Judge Discovery/Evasion (proxyjudge.cgi); [1
1,3702015/01/20 2003047  ET POLICY Proxy Judge Discovery/Evasion (prxjdg.cgi); [1
1,3692015/01/20 2003046  ET DELETED Real.com Game Arcade Install; [1
1,3682015/01/20 2003045  ET DELETED Real.com Game Arcade Install (User agent); [1
1,3672015/01/20 2003041  ET DELETED Win32.SMTP-Mailer SMTP Outbound; [1,2,3
1,3662015/01/20 2003040  ET DELETED PCMesh Anonymous Proxy client connect; [1
1,3652015/01/20 2003039  ET EXPLOIT UPnP DLink M-Search Overflow Attempt; [1,2
1,3642015/01/20 2003038  ET POLICY Known SSL traffic on port 8294 (Bloomberg) being excluded from SSL Alerts; [1
1,3632015/01/20 2003037  ET POLICY Known SSL traffic on port 8292 (Bloomberg) being excluded from SSL Alerts; [1
1,3622015/01/20 2003036  ET POLICY Known SSL traffic on port 8080 (proxy) being excluded from SSL Alerts; [1
< 511  512  513  514  515  516  517  518  519  520 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.