시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
6612015/01/20 2001985  ET DELETED HTTP RBOT Challenge/Response Authentication; [1,2,3
6602015/01/20 2001984  ET POLICY SSH session in progress on Unusual Port; [1
6592015/01/20 2001983  ET POLICY SSHv2 Client New Keys Detected on Unusual Port; [1
6582015/01/20 2001982  ET POLICY SSHv2 Client KEX Detected on Unusual Port; [1
6572015/01/20 2001981  ET POLICY SSHv2 Server KEX Detected on Unusual Port; [1
6562015/01/20 2001980  ET POLICY SSH Client Banner Detected on Unusual Port; [1
6552015/01/20 2001979  ET POLICY SSH Server Banner Detected on Unusual Port; [1
6542015/01/20 2001978  ET POLICY SSH session in progress on Expected Port; [1
6532015/01/20 2001977  ET POLICY SSHv2 Client New Keys detected on Expected Port; [1
6522015/01/20 2001976  ET POLICY SSHv2 Client KEX Detected on Expected Port; [1
6512015/01/20 2001975  ET POLICY SSHv2 Server KEX Detected on Expected Port; [1
6502015/01/20 2001974  ET POLICY SSH Client Banner Detected on Expected Port; [1
6492015/01/20 2001973  ET POLICY SSH Server Banner Detected on Expected Port; [1
6482015/01/20 2001972  ET SCAN Behavioral Unusually fast Terminal Server Traffic, Potential Scan or Infection (Inbound); [1
6472015/01/20 2001966  ET DELETED Hotword Trojan - Possible FTP File Status Check ___; [1,2
6462015/01/20 2001965  ET DELETED Hotword Trojan - Possible FTP File Status Upload ___; [1,2
6452015/01/20 2001964  ET DELETED Hotword Trojan - Possible FTP File Request .tea; [1,2
6442015/01/20 2001963  ET DELETED Hotword Trojan - Possible FTP File Request pspv.exe; [1,2
6432015/01/20 2001962  ET DELETED Hotword Trojan - Possible File Upload CFXP; [1,2
6422015/01/20 2001961  ET DELETED Hotword Trojan - Possible File Upload CHJO; [1,2
6412015/01/20 2001960  ET DELETED Hotword Trojan inbound via http; [1,2
6402015/01/20 2001959  ET DELETED Hotword Trojan in Transit; [1,2
6392015/01/20 2001949  ET WEB_SPECIFIC_APPS Athena Web Registration Remote Command Execution Attempt; [1
6382015/01/20 2001947  ET MALWARE Zenotecnico Adware; [1,2
6372015/01/20 2001944  ET NETBIOS MS04-007 Kill-Bill ASN1 exploit attempt; [1,2,3
6362015/01/20 2001933  ET TROJAN PWS Banker Trojan Sending Report of Infection; [1,2
6352015/01/20 2001929  ET WEB_SPECIFIC_APPS XSS Possible Arbitrary Scripting Code Attack in phpBB (signature); [1,2
6342015/01/20 2001928  ET WEB_SPECIFIC_APPS XSS Possible Arbitrary Scripting Code Attack in phpBB (private message); [1,2
6332015/01/20 2001921  ET DELETED Greeting card gif.exe email incoming HTTP; [1,2
6322015/01/20 2001920  ET DELETED Greeting card gif.exe email incoming POP3/IMAP; [1,2
6312015/01/20 2001919  ET DELETED Greeting card gif.exe email incoming SMTP; [1,2
6302015/01/20 2001910  ET DELETED AIM Bot Outbound Control Channel Open and Login; [1
6292015/01/20 2001909  ET POLICY eBay Watch This Item; [1
6282015/01/20 2001908  ET POLICY eBay View Item; [1
6272015/01/20 2001907  ET POLICY eBay Placing Item for sale; [1
6262015/01/20 2001906  ET SCAN MYSQL 4.0 brute force root login attempt; [1,2
6252015/01/20 2001904  ET SCAN Behavioral Unusually fast inbound Telnet Connections, Potential Scan or Brute Force; [1,2
6242015/01/20 2001901  ET TROJAN Possible Bobax trojan infection; [1,2
6232015/01/20 2001898  ET POLICY eBay Bid Placed; [1
6222015/01/20 2001895  ET MALWARE ToolbarPartner Spyware Spambot Retrieving Target Emails; [1,2
6212015/01/20 2001891  ET USER_AGENTS Suspicious User Agent (agent); [1
6202015/01/20 2001890  ET MALWARE ToolbarPartner Spyware Agent Download (1); [1,2
6192015/01/20 2001885  ET MALWARE Begin2Search.com Spyware; [1,2
6182015/01/20 2001884  ET MALWARE DesktopTraffic Toolbar Spyware; [1,2
6172015/01/20 2001882  ET DOS ICMP Path MTU lowered below acceptable threshold; [1,2,3
6162015/01/20 2001874  ET EXPLOIT TCP Reset from MS Exchange after chunked data, probably crashed it (MS05-021); [1,2,3
6152015/01/20 2001873  ET EXPLOIT MS Exchange Link State Routing Chunk (maybe MS05-021); [1,2,3
6142015/01/20 2001872  ET MALWARE Visicom Spyware User-Agent (Visicom); [1
6132015/01/20 2001871  ET MALWARE Target Saver Spyware User-Agent (TSA); [1
6122015/01/20 2001870  ET MALWARE Surfplayer Spyware User-Agent (SurferPlugin); [1
< 521  522  523  524  525  526  527  528  529  530 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.