시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
16,3612015/01/20 2019307  ET TROJAN Dyre SSL Cert 3;  
16,3602015/01/20 2019306  ET TROJAN Dyre SSL Cert 2;  
16,3592015/01/20 2019305  ET TROJAN Dyre SSL Cert 1;  
16,3582015/01/20 2019304  ET TROJAN Linux/ShellshockCampaign.DDOSBot Terminate Process CnC Server Message; [1
16,3572015/01/20 2019303  ET TROJAN Linux/ShellshockCampaign.DDOSBot Kill Attack CnC Server Message; [1
16,3562015/01/20 2019302  ET TROJAN Linux/ShellshockCampaign.DDOSBot HOLD TCP Flood CnC Server Message; [1
16,3552015/01/20 2019301  ET TROJAN Linux/ShellshockCampaign.DDOSBot TCP Flood CnC Server Message; [1
16,3542015/01/20 2019300  ET TROJAN Linux/ShellshockCampaign.DDOSBot UDP Flood CnC Server Message; [1
16,3532015/01/20 2019299  ET TROJAN Linux/ShellshockCampaign.DDOSBot Random Byte Flood CnC Server Message; [1
16,3522015/01/20 2019298  ET TROJAN Linux/ShellshockCampaign.DDOSBot Execute Shell Command CnC Server Message; [1
16,3512015/01/20 2019297  ET TROJAN Linux/ShellshockCampaign.DDOSBot Scanner CnC Server Message; [1
16,3502015/01/20 2019296  ET TROJAN Linux/ShellshockCampaign.DDOSBot Ping CnC Server Message; [1
16,3492015/01/20 2019295  ET TROJAN Linux/ShellshockCampaign.DDOSBot Get Bot IP CnC Server Message; [1
16,3482015/01/20 2019294  ET TROJAN Linux/ShellshockCampaign.DDOSBot Reporting IP; [1
16,3472015/01/20 2019293  ET EXPLOIT Possible Qmail CVE-2014-6271 Mail From attempt; [1
16,3462015/01/20 2019292  ET WEB_SERVER CVE-2014-6271 Attempt In HTTP Headers Line Continuation Evasion CRLF; [1
16,3452015/01/20 2019291  ET WEB_SERVER CVE-2014-6271 Attempt In HTTP Headers Line Continuation Evasion LF; [1
16,3442015/01/20 2019290  ET EXPLOIT Possible CVE-2014-6271 Attempt Against SIP Proxy; [1
16,3432015/01/20 2019289  ET EXPLOIT Possible CVE-2014-6271 Attempt Against SIP Proxy; [1
16,3422015/01/20 2019288  ET CURRENT_EVENTS DRIVEBY Possible Job314 EK JAR URI Struct;  
16,3412015/01/20 2019287  ET CURRENT_EVENTS DRIVEBY Job314 EK Landing;  
16,3402015/01/20 2019286  ET TROJAN Job314 EK Payload Checkin;  
16,3392015/01/20 2019285  ET WEB_SERVER Possible bash shell piped to dev tcp Inbound to WebServer;  
16,3382015/01/20 2019284  ET ATTACK_RESPONSE Output of id command from HTTP server;  
16,3372015/01/20 2019283  ET TROJAN BlackEnergy POST Request; [1
16,3362015/01/20 2019282  ET CURRENT_EVENTS BlackEnergy Possible SSL Cert Sept 26 2014;  
16,3352015/01/20 2019281  ET TROJAN BlackEnergy v2 POST Request; [1
16,3342015/01/20 2019280  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (TorrentLocker CnC); [1
16,3332015/01/20 2019279  ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (TorrentLocker CnC); [1
16,3322015/01/20 2019278  ET CURRENT_EVENTS Possible Upatre SSL Cert glynwedasia.com;  
16,3312015/01/20 2019277  ET CURRENT_EVENTS Possible Upatre SSL Cert santa.my;  
16,3302015/01/20 2019276  ET CURRENT_EVENTS Possible Dyre SSL Cert Sept 26 2014;  
16,3292015/01/20 2019275  ET CURRENT_EVENTS Possible Dyre SSL Cert Sept 26 2014;  
16,3282015/01/20 2019274  ET DELETED Possible Dyre SSL Cert Sept 26 2014;  
16,3272015/01/20 2019273  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 30; [1
16,3262015/01/20 2019272  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 29; [1
16,3252015/01/20 2019271  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 28; [1
16,3242015/01/20 2019270  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 27; [1
16,3232015/01/20 2019269  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 26; [1
16,3222015/01/20 2019268  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 25; [1
16,3212015/01/20 2019267  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 24; [1
16,3202015/01/20 2019266  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 23; [1
16,3192015/01/20 2019265  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 22; [1
16,3182015/01/20 2019264  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 21; [1
16,3172015/01/20 2019263  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 20; [1
16,3162015/01/20 2019262  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 19; [1
16,3152015/01/20 2019261  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 18; [1
16,3142015/01/20 2019260  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 17; [1
16,3132015/01/20 2019259  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 16; [1
16,3122015/01/20 2019258  ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 15; [1
< 211  212  213  214  215  216  217  218  219  220 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.