GigaVPN

시그니처 리스트, Signature List

번호	날짜	ID	시그니처 (Total Ruleset: 27,111개)
14,211	2015/01/20	2017089	ET WEB_SERVER WebShell - Pouya - Pouya_Server Shell;
14,210	2015/01/20	2017088	ET WEB_SERVER WebShell - GODSPy - Auth Creds;
14,209	2015/01/20	2017087	ET WEB_SERVER WebShell - GODSpy - Auth Prompt;
14,208	2015/01/20	2017086	ET WEB_SERVER WebShell - GODSpy - MySQL;
14,207	2015/01/20	2017085	ET WEB_SERVER WebShell - GODSpy - Cookie;
14,206	2015/01/20	2017084	ET WEB_SERVER WebShell - GODSpy - GODSpy title;
14,205	2015/01/20	2017083	ET WEB_SERVER WebShell - GODSpy - GOD Hacker;
14,204	2015/01/20	2017082	ET INFO ClearTextAuth - HTTP - http_client_body contains pasa form;
14,203	2015/01/20	2017081	ET INFO ClearTextAuth - HTTP - http_uri contains pasa=;
14,202	2015/01/20	2017080	ET INFO ClearTextAuth - HTTP - http_client_body contains pasa=;
14,201	2015/01/20	2017079	ET CURRENT_EVENTS Sibhost Status Check GET Jul 01 2013;
14,200	2015/01/20	2017078	ET CURRENT_EVENTS Lucky7 Java Exploit URI Struct June 28 2013;
14,199	2015/01/20	2017077	ET CURRENT_EVENTS Redirect to DotkaChef EK Landing;
14,198	2015/01/20	2017076	ET CURRENT_EVENTS BlackHole EK Variant Payload Download;
14,197	2015/01/20	2017075	ET CURRENT_EVENTS Sweet Orange applet structure June 27 2013;
14,196	2015/01/20	2017074	ET WEB_SPECIFIC_APPS MoinMoin twikidraw Action Traversal File Upload; [1,2]
14,195	2015/01/20	2017073	ET CURRENT_EVENTS Cool Exploit Kit iframe with obfuscated Java version check Jun 26 2013;
14,194	2015/01/20	2017072	ET DELETED Blackhole/Cool plugindetect in octal Jun 26 2013;
14,193	2015/01/20	2017071	ET CURRENT_EVENTS Neutrino Exploit Kit XOR decodeURIComponent;
14,192	2015/01/20	2017070	ET CURRENT_EVENTS Applet tag in jjencode as (as seen in Dotka Chef EK);
14,191	2015/01/20	2017069	ET CURRENT_EVENTS Neutrino Exploit Kit Clicker.php TDS; [1]
14,190	2015/01/20	2017068	ET CURRENT_EVENTS Neutrino Exploit Kit Redirector To Landing Page; [1]
14,189	2015/01/20	2017067	ET USER_AGENTS Suspicious user agent (Google page);
14,188	2015/01/20	2017066	ET TROJAN Win32/Comisproc Checkin; [1,2,3]
14,187	2015/01/20	2017065	ET CURRENT_EVENTS Pony Loader default URI struct;
14,186	2015/01/20	2017064	ET CURRENT_EVENTS Cool/BHEK/Goon Applet with Alpha-Numeric Encoded HTML entity;
14,185	2015/01/20	2017063	ET EXPLOIT SolusVM WHMCS CURL Multi-part Boundary Issue; [1]
14,184	2015/01/20	2017061	ET EXPLOIT SolusVM 1.13.03 Access to solusvmc-node setuid bin;
14,183	2015/01/20	2017060	ET EXPLOIT SolusVM 1.13.03 SQL injection;
14,182	2015/01/20	2017059	ET CURRENT_EVENTS AryaN IRC bot Botkill command;
14,181	2015/01/20	2017058	ET CURRENT_EVENTS AryaN IRC bot Flood command;
14,180	2015/01/20	2017057	ET CURRENT_EVENTS AryaN IRC bot Download and Execute Scheduled file command;
14,179	2015/01/20	2017056	ET CURRENT_EVENTS AryaN IRC bot CnC2;
14,178	2015/01/20	2017055	ET CURRENT_EVENTS AryaN IRC bot CnC1;
14,177	2015/01/20	2017054	ET WEB_SERVER WebShell Generic - ELF File Uploaded;
14,176	2015/01/20	2017053	ET TROJAN Poison Ivy [server response];
14,175	2015/01/20	2017052	ET TROJAN Poison Ivy [victim beacon];
14,174	2015/01/20	2017051	ET TROJAN Drive Receiving UDP DDoS instructions; [1]
14,173	2015/01/20	2017050	ET TROJAN Drive Receiving IP2 DDoS instructions; [1]
14,172	2015/01/20	2017049	ET TROJAN Drive Receiving IP DDoS instructions; [1]
14,171	2015/01/20	2017048	ET TROJAN Drive Receiving POST2 DDoS instructions; [1]
14,170	2015/01/20	2017047	ET TROJAN Drive Receiving POST1 DDoS instructions; [1]
14,169	2015/01/20	2017046	ET TROJAN Drive Receiving GET DDoS instructions; [1]
14,168	2015/01/20	2017045	ET TROJAN Possible Drive DDoS Check-in;
14,167	2015/01/20	2017044	ET CURRENT_EVENTS Rawin Exploit Kit Jar 1.6 (New);
14,166	2015/01/20	2017043	ET CURRENT_EVENTS Rawin Exploit Kit Jar 1.6 (New);
14,165	2015/01/20	2017042	ET CURRENT_EVENTS Rawin Exploit Kit Jar 1.6 (Old);
14,164	2015/01/20	2017041	ET CURRENT_EVENTS Rawin Exploit Kit Jar 1.7.x;
14,163	2015/01/20	2017040	ET CURRENT_EVENTS Rawin Exploit Kit Landing URI Struct;
14,162	2015/01/20	2017039	ET CURRENT_EVENTS X20 EK Payload Download;
< 251 252 253 254 255 256 257 258 259 260 >

GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.

서비스 정보가 없습니다.

Add-on 1.2 다운로드

02-1544-4450

보안 '키워드'

Ransomware: 파일/폴더를 암호화하여 금품을 요구

Backdoor: 시스템에 숨겨진 해킹 프로그램

WebShell: 웹서버에 명령을 실행해 관리자 권한 획득

Sipvicious: 인터넷 전화 해킹툴

Trojan: 정상적으로 보여지는 악성 코드

DDoS: 트래픽 공격

Malware: 악성코드(malicious software)

BruteForce: 무작위 대입으로 패스워드 탈취

Sql Injection: 쿼리(query) 삽입 공격

Spyware: 사용자를 속이고 설치되는 프로그램

Adware: 광고를 포함한 프로그램

Tor: 익명 인터넷이나 현재는 악의적 목적으로 사용