Network Content Inspection Rules
Default Rule:
Enable
Disable
| Rule ID | Rule Description | Confidence Level | DDI Default Rule | Network Content Inspection Pattern Release Date | ||
|---|---|---|---|---|---|---|
| DDI RULE 1706 | LDAP SASL Connection Detected |  | 2020/11/19 | DDI RULE 1706 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1706 | |
| DDI RULE 4462 | Metasploit (Payload) - RC4 Encrypted Reverse TCP - TCP (Request) |  | 2020/11/19 | DDI RULE 4462 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4462 | |
| DDI RULE 2713 | AVTECH Command Injection - Multiple Exploits - HTTP (Request) | | 2020/11/10 | DDI RULE 2713 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2713 | |
| DDI RULE 2018 | DUNIHI HTTP Response | | 2020/11/05 | DDI RULE 2018 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2018 | |
| DDI RULE 1068 | APT - GHOSTRAT - TCP | | 2020/10/26 | DDI RULE 1068 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1068 | |
| DDI RULE 2247 | DEMO RULE - SMB (Request) | | 2020/10/19 | DDI RULE 2247 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2247 | |
| DDI RULE 2333 | CVE-2017-0016 - Tree Connect Denial of Service Exploit - SMB2 (Response) | | 2020/10/19 | DDI RULE 2333 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2333 | |
| DDI RULE 4469 | APT - COBALTSRIKE - HTTP (RESPONSE) | | 2020/10/19 | DDI RULE 4469 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4469 | |
| DDI RULE 4222 | PST File Upload |  | 2020/10/19 | DDI RULE 4222 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4222 | |
| DDI RULE 4468 | CVE-2020-16898 - EXPLOIT - ICMPv6 (REQUEST) | | 2020/10/15 | DDI RULE 4468 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4468 | |
| DDI RULE 4466 | PsExec Clones - SMB2 (Request) | | 2020/10/14 | DDI RULE 4466 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4466 | |
| DDI RULE 4467 | APT - WATERTIGER - HTTP (Response) | | 2020/10/14 | DDI RULE 4467 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4467 | |
| DDI RULE 4463 | QAKBOT - Malicious Certificate - SSL - Variant 3 | | 2020/10/08 | DDI RULE 4463 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4463 | |
| DDI RULE 4453 | CVE-2020-1472 - Zerologon Privilege Escalation - DCERPC (Request) | | 2020/10/08 | DDI RULE 4453 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4453 | |
| DDI RULE 4455 | CVE-2020-1472 - Zerologon Privilege Escalation - SMB2 (Request) | | 2020/10/08 | DDI RULE 4455 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4455 | |
| DDI RULE 4459 | CVE-2020-1472 - Zerologon Privilege Escalation - SMB (Request) | | 2020/10/08 | DDI RULE 4459 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4459 | |
| DDI RULE 4465 | Remote System Discovery - LSARPC (REQUEST) | | 2020/10/08 | DDI RULE 4465 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4465 | |
| DDI RULE 4300 | WMI Command Execution - DCERPC (Request) | | 2020/10/08 | DDI RULE 4300 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4300 | |
| DDI RULE 1022 | WMI Remote Registry - DCERPC (Request) | | 2020/10/08 | DDI RULE 1022 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1022 | |
| DDI RULE 4464 | Remote System Discovery - LDAP (REQUEST) | | 2020/10/07 | DDI RULE 4464 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4464 | |
| DDI RULE 2849 | CVE-2019-9194-HTTP RCE - ELFINDER (Request) | | 2020/10/07 | DDI RULE 2849 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2849 | |
| DDI RULE 4460 | CVE-2017-17485 - Jackson Databind Remote Code Execution Exploit - HTTP (Request) | | 2020/10/05 | DDI RULE 4460 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4460 | |
| DDI RULE 4461 | CVE-2017-7504 - JBossMQ JMS Invocation Layer Exploit - HTTP (Request) | | 2020/10/05 | DDI RULE 4461 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4461 | |
| DDI RULE 2388 | Unsuccessful logon - RDP | | 2020/10/05 | DDI RULE 2388 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2388 | |
| DDI RULE 2184 | Successful logon - RDP | | 2020/10/05 | DDI RULE 2184 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2184 | |
| DDI RULE 2212 | Possible Brute force - RDP | | 2020/10/05 | DDI RULE 2212 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2212 | |
| DDI RULE 4142 | SSL Connection | | 2020/09/29 | DDI RULE 4142 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4142 | |
| DDI RULE 4143 | Malicious SSL Client Connection | | 2020/09/29 | DDI RULE 4143 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4143 | |
| DDI RULE 4144 | Malicious SSL Server Connection | | 2020/09/29 | DDI RULE 4144 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4144 | |
| DDI RULE 4145 | Malicious SSL Connection | | 2020/09/29 | DDI RULE 4145 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4145 | |
| DDI RULE 4146 | Suspicious SSL Connection | | 2020/09/29 | DDI RULE 4146 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4146 | |
| DDI RULE 4147 | Suspicious SSL Client Connection | | 2020/09/29 | DDI RULE 4147 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4147 | |
| DDI RULE 4148 | Suspicious SSL Server Connection | | 2020/09/29 | DDI RULE 4148 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4148 | |
| DDI RULE 2210 | Metasploit (Payload) - Reverse TCP Patchup Meterpreter | | 2020/09/28 | DDI RULE 2210 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2210 | |
| DDI RULE 2751 | Remote Command Shell - TCP | | 2020/09/24 | DDI RULE 2751 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2751 | |
| DDI RULE 2752 | Remote PowerShell - TCP | | 2020/09/24 | DDI RULE 2752 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2752 | |
| DDI RULE 2664 | CreateService - SMB (Request) | | 2020/09/21 | DDI RULE 2664 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2664 | |
| DDI RULE 4443 | Logon successful - SSH | | 2020/09/21 | DDI RULE 4443 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4443 | |
| DDI RULE 4444 | Unsuccessful logon - SSH | | 2020/09/21 | DDI RULE 4444 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4444 | |
| DDI RULE 4445 | Possible Brute force - SSH | | 2020/09/21 | DDI RULE 4445 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4445 | |
| DDI RULE 4450 | SERVER PROTECT RCE EXPLOIT - HTTP (REQUEST) | | 2020/09/17 | DDI RULE 4450 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4450 | |
| DDI RULE 4451 | APT - MUDDYWATER - HTTP (Request) | | 2020/09/17 | DDI RULE 4451 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4451 | |
| DDI RULE 4452 | CVE-2020-0911 - EXPLOIT - ICMPv6 (REQUEST) | | 2020/09/16 | DDI RULE 4452 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4452 | |
| DDI RULE 4429 | Remote Service execution through SMB2 SVCCTL detected - Variant 2 | | 2020/09/15 | DDI RULE 4429 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4429 | |
| DDI RULE 4449 | Remote Service execution through SMB2 SVCCTL detected - Variant 3 | | 2020/09/14 | DDI RULE 4449 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4449 | |
| DDI RULE 4448 | WORDPRESS PLUGIN FILEMANAGER EXPLOIT - HTTP (REQUEST) | | 2020/09/08 | DDI RULE 4448 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4448 | |
| DDI RULE 4447 | Potential Credit Card Info on ICMP Echo - ICMP (Request) | | 2020/09/07 | DDI RULE 4447 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4447 | |
| DDI RULE 4442 | APT - DROVORUB - WEBSOCKET (RESPONSE) | | 2020/09/07 | DDI RULE 4442 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4442 | |
| DDI RULE 4446 | Apache Struts Potential Remote Code Execution Exploit - HTTP (Request) | | 2020/09/01 | DDI RULE 4446 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4446 | |
| DDI RULE 4436 | SQL Injection Remote Code Execution Sensor - HTTP (Request) | | 2020/08/24 | DDI RULE 4436 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4436 | |
| DDI RULE 4437 | CVE-2014-9295 - Buffer Overflow - NTP (Request) | | 2020/08/24 | DDI RULE 4437 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4437 | |
| DDI RULE 4438 | CVE-2015-7855 - Denial of Service via decodenetnum - NTP (Request) | | 2020/08/24 | DDI RULE 4438 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4438 | |
| DDI RULE 4439 | CVE-2016-7434 - Denial of Service via mrulist - NTP (Request) | | 2020/08/24 | DDI RULE 4439 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4439 | |
| DDI RULE 4440 | CVE-2016-9312 - Possible Denial of Service via large packets - NTP (Request) | | 2020/08/24 | DDI RULE 4440 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4440 | |
| DDI RULE 4441 | QAKBOT - Malicious Certificate - SSL - Variant 2 | | 2020/08/20 | DDI RULE 4441 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4441 | |
| DDI RULE 4434 | CVE-2020-9484 - Apache Tomcat Deserialization Remote Code Execution - HTTP (Request) | | 2020/08/10 | DDI RULE 4434 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4434 | |
| DDI RULE 2452 | Wget Commandline Injection | | 2020/08/06 | DDI RULE 2452 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2452 | |
| DDI RULE 1600 | Report Server ID MODBUS Request | | 2020/08/06 | DDI RULE 1600 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1600 | |
| DDI RULE 1598 | Non-Modbus Communication Request | | 2020/08/06 | DDI RULE 1598 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1598 | |
| DDI RULE 1599 | Illegal Packet Size - Possible DOS Attack MODBUS Request | | 2020/08/06 | DDI RULE 1599 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1599 | |
| DDI RULE 1122 | Office Document File Internal Transfer | | 2020/08/05 | DDI RULE 1122 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1122 | |
| DDI RULE 1123 | Office Document File Upload | | 2020/08/05 | DDI RULE 1123 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1123 | |
| DDI RULE 1119 | HTTP Request - Hostname is an IP address | | 2020/08/05 | DDI RULE 1119 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1119 | |
| DDI RULE 1126 | Executable file via FTP - class 1 | | 2020/08/05 | DDI RULE 1126 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1126 | |
| DDI RULE 2289 | Unsuccessful logon - FTP | | 2020/08/05 | DDI RULE 2289 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2289 | |
| DDI RULE 2290 | Possible Brute force - FTP | | 2020/08/05 | DDI RULE 2290 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2290 | |
| DDI RULE 4430 | Unencrypted REMCOS - TCP (Request) | | 2020/07/30 | DDI RULE 4430 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4430 | |
| DDI RULE 4432 | NGIOWEB - HTTP (REQUEST) | | 2020/07/30 | DDI RULE 4432 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4432 | |
| DDI RULE 4433 | APT - SUNFOU - HTTP (REQUEST) | | 2020/07/30 | DDI RULE 4433 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4433 | |
| DDI RULE 2793 | APT - WINNTI - HTTP (Response) | | 2020/07/30 | DDI RULE 2793 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2793 | |
| DDI RULE 2544 | JAWS Remote Code Execution Exploit - HTTP (Request) | | 2020/07/30 | DDI RULE 2544 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2544 | |
| DDI RULE 2874 | ZEROSHELL RCE EXPLOIT - HTTP (Request) | | 2020/07/30 | DDI RULE 2874 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2874 | |
| DDI RULE 1764 | Possible Superfish SSL certificate detected | | 2020/07/29 | DDI RULE 1764 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1764 | |
| DDI RULE 2890 | INFOSTEAL - HTTP (Request) - Variant 5 | | 2020/07/28 | DDI RULE 2890 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2890 | |
| DDI RULE 1052 | IP Malicious - Class 1 | | 2020/07/27 | DDI RULE 1052 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1052 | |
| DDI RULE 4427 | APT - WELLMAIL - Malicious Certificate - SSL (Response) | | 2020/07/23 | DDI RULE 4427 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4427 | |
| DDI RULE 4428 | APT - WELLMESS - Malicious Certificate - SSL (Response) | | 2020/07/23 | DDI RULE 4428 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4428 | |
| DDI RULE 4425 | CVE-2020-1350 - DNS OVER TCP EXPLOIT - DNS (Response) | | 2020/07/22 | DDI RULE 4425 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4425 | |
| DDI RULE 4426 | CVE-2020-1350 - DNS OVER TCP EXPLOIT - TCP (Request) | | 2020/07/22 | DDI RULE 4426 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4426 | |
| DDI RULE 2000 | Metasploit(Payload) - Reverse DLL Inject - TCP (Response) | | 2020/07/22 | DDI RULE 2000 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2000 | |
| DDI RULE 2211 | Unsuccessful logon using default Administrator account - RDP | | 2020/07/20 | DDI RULE 2211 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2211 | |
| DDI RULE 2213 | Possible Brute force using privileged user - RDP | | 2020/07/20 | DDI RULE 2213 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2213 | |
| DDI RULE 2391 | Busybox Checking - TELNET (Request) | | 2020/07/13 | DDI RULE 2391 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2391 | |
| DDI RULE 4424 | CVE-2020-5902 - DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST) | | 2020/07/09 | DDI RULE 4424 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4424 | |
| DDI RULE 4322 | possible Directory Traversal Exploit Attempted - URI Path - HTTP (Request) - Variant 2 | | 2020/07/09 | DDI RULE 4322 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4322 | |
| DDI RULE 4321 | POWERTRICK - HTTP (REQUEST) | | 2020/07/06 | DDI RULE 4321 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4321 | |
| DDI RULE 4207 | CVE-2019-11354 - DOTPROJECT SQL Injection - HTTP (Request) | | 2020/07/01 | DDI RULE 4207 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4207 | |
| DDI RULE 2663 | APT - EXFRAM - TCP (Request) | | 2020/06/23 | DDI RULE 2663 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2663 | |
| DDI RULE 4311 | APT - BOTLODR - HTTP (REQUEST) | | 2020/06/23 | DDI RULE 4311 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4311 | |
| DDI RULE 4313 | MALXMR - HTTP (REQUEST) | | 2020/06/23 | DDI RULE 4313 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4313 | |
| DDI RULE 4305 | APT - KSDOOR - HTTP (REQUEST) | | 2020/06/23 | DDI RULE 4305 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4305 | |
| DDI RULE 4309 | APT - LODEINFO - HTTP (Request) | | 2020/06/23 | DDI RULE 4309 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4309 | |
| DDI RULE 4230 | APT - DATPER - HTTP (Request) | | 2020/06/23 | DDI RULE 4230 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4230 | |
| DDI RULE 2019 | APT - DALGAN - HTTP (Request) | | 2020/06/23 | DDI RULE 2019 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2019 | |
| DDI RULE 1774 | APT - Possible EMDIVI - HTTP (Request) - Variant 5 | | 2020/06/23 | DDI RULE 1774 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1774 | |
| DDI RULE 1046 | APT - Connection attempt to an APT-related CNC server detected | | 2020/06/23 | DDI RULE 1046 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1046 | |
| DDI RULE 1549 | APT - WINNTI - HTTP (Request) | | 2020/06/23 | DDI RULE 1549 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1549 | |
| DDI RULE 1704 | APT - TALERET - HTTP (Request) - Variant 2 | | 2020/06/23 | DDI RULE 1704 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1704 | |
| DDI RULE 1139 | DORKBOT IRC Request - Class 1 | | 2020/06/22 | DDI RULE 1139 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1139 | |
| DDI RULE 2467 | RETEFE - HTTP (Response) | | 2020/06/17 | DDI RULE 2467 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2467 | |
| DDI RULE 2481 | DOWNLOADER - HTTP (Response) | | 2020/06/17 | DDI RULE 2481 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2481 | |
| DDI RULE 2443 | SPORA - Ransomware - HTTP (Response) | | 2020/06/17 | DDI RULE 2443 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2443 | |
| DDI RULE 4303 | Executable file download from root directory - HTTP (Response) | | 2020/06/17 | DDI RULE 4303 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4303 | |
| DDI RULE 4304 | Executable file download - HTTP (Response) | | 2020/06/17 | DDI RULE 4304 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4304 | |
| DDI RULE 4323 | CVE-2019-19781 - CITRIX ADC DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST) | | 2020/06/17 | DDI RULE 4323 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4323 | |
| DDI RULE 4355 | CVE-2020-8794 - OPENSMTPD RCE EXPLOIT - SMTP (RESPONSE) | | 2020/06/17 | DDI RULE 4355 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4355 | |
| DDI RULE 4423 | ACIDBAT - TCP (Request) | | 2020/06/17 | DDI RULE 4423 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4423 | |
| DDI RULE 4380 | CVE-2020-5722 - GRANDSTREAM RCE EXPLOIT - HTTP (REQUEST) | | 2020/06/17 | DDI RULE 4380 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4380 | |
| DDI RULE 4398 | CVE-2020-12109 - TPLINK RCE EXPLOIT - HTTP (REQUEST) | | 2020/06/17 | DDI RULE 4398 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4398 | |
| DDI RULE 2650 | ANDROM - HTTP (Response) | | 2020/06/17 | DDI RULE 2650 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2650 | |
| DDI RULE 2653 | PHOTOMINER - HTTP (Response) | | 2020/06/17 | DDI RULE 2653 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2653 | |
| DDI RULE 2715 | MINER CONFIG - HTTP (Response) | | 2020/06/17 | DDI RULE 2715 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2715 | |
| DDI RULE 2767 | Window Shell Remote Code Execution - HTTP (Response) | | 2020/06/17 | DDI RULE 2767 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2767 | |
| DDI RULE 2757 | ELF File requested from root directory - HTTP (Response) | | 2020/06/17 | DDI RULE 2757 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2757 | |
| DDI RULE 2731 | KAIXIN - Exploit Kit - HTTP (Response) - Variant 5 | | 2020/06/17 | DDI RULE 2731 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2731 | |
| DDI RULE 2542 | MINER - HTTP (Response) | | 2020/06/17 | DDI RULE 2542 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2542 | |
| DDI RULE 2504 | CVE-2017-9798 - APACHE OPTIONSBLEED Vulnerability - HTTP (Response) | | 2020/06/17 | DDI RULE 2504 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2504 | |
| DDI RULE 2514 | TERROR - Exploit Kit - HTTP (Response) | | 2020/06/17 | DDI RULE 2514 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2514 | |
| DDI RULE 2585 | Ratankba Downloader - HTTP (Response) | | 2020/06/17 | DDI RULE 2585 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2585 | |
| DDI RULE 2591 | KRBANKER - HTTP (Response) | | 2020/06/17 | DDI RULE 2591 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2591 | |
| DDI RULE 2608 | EMOTET - HTTP (Response) - Variant 2 | | 2020/06/17 | DDI RULE 2608 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2608 | |
| DDI RULE 2609 | HANCITOR - HTTP (Request) - Variant 3 | | 2020/06/17 | DDI RULE 2609 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2609 | |
| DDI RULE 2616 | Suspicious CWS Flash - HTTP (Response) | | 2020/06/17 | DDI RULE 2616 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2616 | |
| DDI RULE 2617 | GANDCRAB - Ransomware - HTTP (Response) | | 2020/06/17 | DDI RULE 2617 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2617 | |
| DDI RULE 2620 | Suspicious Executable File Download - HTTP (Response) | | 2020/06/17 | DDI RULE 2620 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2620 | |
| DDI RULE 4181 | TREVOR - HTTP (Response) | | 2020/06/17 | DDI RULE 4181 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4181 | |
| DDI RULE 2825 | CVE-2010-1871 JBOSS Remote Code Execution - HTTP (Request) | | 2020/06/17 | DDI RULE 2825 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2825 | |
| DDI RULE 2939 | CVE-2018-6961 VMWARE NSX RCE EXPLOIT - HTTP (Request) | | 2020/06/16 | DDI RULE 2939 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2939 | |
| DDI RULE 4217 | CVE-2019-12991 - CITRIX SDWAN RCE - HTTP (Request) | | 2020/06/16 | DDI RULE 4217 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4217 | |
| DDI RULE 4111 | CVE-2009-5157 Linksys WAG54G2 RCE Exploit - HTTP (Request) | | 2020/06/16 | DDI RULE 4111 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4111 | |
| DDI RULE 4113 | CVE-2019-12095 Horde Webmail Unauthenticated XSS Exploit - HTTP (Request) | | 2020/06/16 | DDI RULE 4113 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4113 | |
| DDI RULE 4114 | CVE-2012-4869 PBX RCE Exploit - HTTP (Request) | | 2020/06/16 | DDI RULE 4114 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4114 | |
| DDI RULE 2588 | CVE-2017-9822 DotNetNuke Remote Code Execution Exploit - HTTP (Request) | | 2020/06/16 | DDI RULE 2588 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2588 | |
| DDI RULE 2517 | CVE-2017-14493 - DNSMASQ Buffer Overflow Exploit - DHCP (Request) | | 2020/06/16 | DDI RULE 2517 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2517 | |
| DDI RULE 2518 | CVE-2017-14496 - DNSMASQ Integer Underflow Exploit - DNS (Request) | | 2020/06/16 | DDI RULE 2518 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2518 | |
| DDI RULE 4383 | CVE-2020-7961 - LIFERAY PORTAL RCE EXPLOIT - HTTP (Request) | | 2020/06/16 | DDI RULE 4383 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4383 | |
| DDI RULE 4391 | COBEACON - DNS (Response) | | 2020/06/16 | DDI RULE 4391 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4391 | |
| DDI RULE 4401 | CVE-2020-13118 - MIKROTIK SQL INJECT - HTTP (REQUEST) | | 2020/06/16 | DDI RULE 4401 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4401 | |
| DDI RULE 4324 | CVE-2019-20197 - NAGIOSXI Remote Code Execution Exploit - HTTP (Request) | | 2020/06/16 | DDI RULE 4324 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4324 | |
| DDI RULE 4325 | CVE-2019-10758 - MONGODB RCE EXPLOIT - HTTP (REQUEST) | | 2020/06/16 | DDI RULE 4325 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4325 | |
| DDI RULE 4204 | CVE-2019-15107 WEBMIN RCE Exploit - HTTP (Request) | | 2020/06/16 | DDI RULE 4204 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4204 | |
| DDI RULE 4242 | CVE-2018-18778 - ACME File Discovery Exploit - HTTP (RESPONSE) | | 2020/06/16 | DDI RULE 4242 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4242 | |
| DDI RULE 4248 | CVE-2019-2618 - WEBLOGIC FILE UPLOAD EXPLOIT - HTTP (REQUEST) | | 2020/06/16 | DDI RULE 4248 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4248 | |
| DDI RULE 4267 | CVE-2019-11043 - PHP RCE EXPLOIT - HTTP (REQUEST) | | 2020/06/16 | DDI RULE 4267 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4267 | |
| DDI RULE 4277 | CVE-2019-5127 - YOUPHPTUBE COMMAND INJECTION - HTTP (REQUEST) | | 2020/06/16 | DDI RULE 4277 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4277 | |
| DDI RULE 2253 | CVE-2016-2776 DNS ISC BIND TSIG EXPLOIT - DNS (Request) | | 2020/06/16 | DDI RULE 2253 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2253 | |
| DDI RULE 1531 | Possible SSL CVE-2014-0224 CCS Injection - Class 1 | | 2020/06/16 | DDI RULE 1531 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1531 | |
| DDI RULE 1618 | CVE-2014-6271 - Shellshock HTTP Request | | 2020/06/16 | DDI RULE 1618 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1618 | |
| DDI RULE 1010 | PE_XPAJ TCP Connection - Class 1 | | 2020/06/15 | DDI RULE 1010 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1010 | |
| DDI RULE 2448 | REGEORG - HTTP (Response) | | 2020/06/15 | DDI RULE 2448 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2448 | |
| DDI RULE 2377 | CVE-2017-9073 - Remote Code Execution - RDP | | 2020/06/15 | DDI RULE 2377 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2377 | |
| DDI RULE 4278 | CVE-2019-5121 - YOUPHPTUBE SQL INJECTION - HTTP (REQUEST) | | 2020/06/15 | DDI RULE 4278 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4278 | |
| DDI RULE 4273 | CVE-2019-16278 - DIRECTORY TRAVERSAL EXPLOIT - HTTP (REQUEST) | | 2020/06/15 | DDI RULE 4273 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4273 | |
| DDI RULE 4274 | CVE-2007-5693 - Sitebar Remote Code Execution EXPLOIT - HTTP (REQUEST) | | 2020/06/15 | DDI RULE 4274 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4274 | |
| DDI RULE 4251 | CVE-2019-16920 - DLINK RCE EXPLOIT - HTTP (REQUEST) | | 2020/06/15 | DDI RULE 4251 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4251 | |
| DDI RULE 4333 | CVE-2019-18396 - TECHNICOLOR RCE EXPLOIT - HTTP (REQUEST) | | 2020/06/15 | DDI RULE 4333 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4333 | |
| DDI RULE 4339 | CVE-2018-7777 - SCHNEIDER RCE EXPLOIT - HTTP (REQUEST) | | 2020/06/15 | DDI RULE 4339 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4339 | |
| DDI RULE 4421 | CVE-2020-1301 - RCE DDOS EXPLOIT - SMB (Request) | | 2020/06/15 | DDI RULE 4421 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4421 | |
| DDI RULE 4422 | Possible CVE-2020-1206 - BLEED EXPLOIT - (Request) | | 2020/06/15 | DDI RULE 4422 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4422 | |
| DDI RULE 4400 | CVE-2019-7193 - QNAP RCE EXPLOIT - HTTP (REQUEST) | | 2020/06/15 | DDI RULE 4400 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4400 | |
| DDI RULE 4379 | CVE-2019-20499 - DLINK DWL RCE EXPLOIT - HTTP (REQUEST) | | 2020/06/15 | DDI RULE 4379 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4379 | |
| DDI RULE 4372 | CVE-2020-8949 - GOCLOUD RCE EXPLOIT - HTTP (REQUEST) | | 2020/06/15 | DDI RULE 4372 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4372 | |
| DDI RULE 4373 | CVE-2020-9026 - ELTEX RCE EXPLOIT - HTTP (REQUEST) | | 2020/06/15 | DDI RULE 4373 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4373 | |
| DDI RULE 2589 | LOKI - HTTP (Response) | | 2020/06/15 | DDI RULE 2589 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2589 | |
| DDI RULE 2723 | MAGNITUDE - Exploit Kit - HTTP (Response) | | 2020/06/15 | DDI RULE 2723 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2723 | |
| DDI RULE 2750 | CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request) | | 2020/06/15 | DDI RULE 2750 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2750 | |
| DDI RULE 2701 | Possible EMOTET - HTTP (Response) - Variant 3 | | 2020/06/15 | DDI RULE 2701 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2701 | |
| DDI RULE 4112 | CVE-2019-12094 Horde Webmail Unauthenticated RCE Exploit - HTTP (Request) | | 2020/06/15 | DDI RULE 4112 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4112 | |
| DDI RULE 4218 | CVE-2014-4663 TIMTHUMB RCE Exploit- HTTP (Request) | | 2020/06/15 | DDI RULE 4218 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4218 | |
| DDI RULE 4188 | CVE-2014-3914 - Rocket Servergraph - RCE - HTTP (Request) | | 2020/06/15 | DDI RULE 4188 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4188 | |
| DDI RULE 4259 | MDMP File Upload | | 2020/06/12 | DDI RULE 4259 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4259 | |
| DDI RULE 4260 | Log Files Upload | | 2020/06/12 | DDI RULE 4260 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4260 | |
| DDI RULE 4403 | SSH on Non-Standard Port - Request | | 2020/06/11 | DDI RULE 4403 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4403 | |
| DDI RULE 4415 | JSPSPY Webshell - HTTP (Request) - Variant 2 | | 2020/06/08 | DDI RULE 4415 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4415 | |
| DDI RULE 4419 | Zyxel - Remote Code Execution - HTTP (Request) - Variant 2 | | 2020/06/08 | DDI RULE 4419 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4419 | |
| DDI RULE 4420 | SHELLRESET - DATA EXFILTRATION - HTTP (Request) | | 2020/06/08 | DDI RULE 4420 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4420 | |
| DDI RULE 2639 | CVE-2018-10562 - GPON Remote Code Execution - HTTP (Request) | | 2020/06/08 | DDI RULE 2639 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2639 | |
| DDI RULE 4418 | Possible CVE-2020-0796 - SERVER COMPRESSION TRANSFORM EXPLOIT - SMB3 (Request) - Variant 2 | | 2020/06/05 | DDI RULE 4418 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4418 | |
| DDI RULE 4416 | CVE-2020-11963 - IQROUTER RCE EXPLOIT - HTTP (REQUEST) | | 2020/06/04 | DDI RULE 4416 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4416 | |
| DDI RULE 4417 | CVE-2020-11963 - IQROUTER RCE EXPLOIT - HTTP (REQUEST) - Variant 2 | | 2020/06/04 | DDI RULE 4417 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4417 | |
| DDI RULE 4402 | CVE-2020-11652 - Saltstack Directory Traversal - TCP (Request) | | 2020/06/03 | DDI RULE 4402 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4402 | |
| DDI RULE 4414 | ThinkPHP 5x Remote Code Execution - HTTP (Request) - Variant 2 | | 2020/06/03 | DDI RULE 4414 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4414 | |
| DDI RULE 4399 | CVE-2020-11651 - Saltstack Remote Code Execution Exploit - TCP (Request) | | 2020/06/03 | DDI RULE 4399 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4399 | |
| DDI RULE 2500 | Executable Image Download - HTTP (Response) | | 2020/06/03 | DDI RULE 2500 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2500 | |
| DDI RULE 4413 | Possible Directory Traversal Exploit Attempted SENSOR - HEADERS - HTTP (Request) | | 2020/06/02 | DDI RULE 4413 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4413 | |
| DDI RULE 4412 | CVE-2020-8617 - NXNSATTACK - DNS (REQUEST) | | 2020/06/01 | DDI RULE 4412 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4412 | |
| DDI RULE 4397 | ACTIVE DIRECTORY GPO DEPLOY COMMAND - SMB2 (Response) | | 2020/05/28 | DDI RULE 4397 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4397 | |
| DDI RULE 2837 | CVE-2012-0874 JBOSS JMXInvoker/EJBinvoker Remote Code Execution Exploit - HTTP (Request) | | 2020/05/26 | DDI RULE 2837 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2837 | |
| DDI RULE 2654 | Powershell - SMB | | 2020/05/14 | DDI RULE 2654 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2654 | |
| DDI RULE 4235 | Remote CreateService - SMB2 (Request) | | 2020/05/14 | DDI RULE 4235 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4235 | |
| DDI RULE 4236 | Meterpreter Powershell - SMB2 (Request) | | 2020/05/14 | DDI RULE 4236 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4236 | |
| DDI RULE 4389 | APT - GRIFFON - HTTP (Request) | | 2020/05/13 | DDI RULE 4389 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4389 | |
| DDI RULE 4395 | HADGLIDER - HTTP (REQUEST) | | 2020/05/13 | DDI RULE 4395 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4395 | |
| DDI RULE 4390 | CobaltStrike - HTTPS (Request) | | 2020/05/12 | DDI RULE 4390 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4390 | |
| DDI RULE 4392 | CVE-2020-12078 - OPENAUDIT RCE EXPLOIT - HTTP (Request) | | 2020/05/11 | DDI RULE 4392 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4392 | |
| DDI RULE 4393 | CVE-2020-10808 - IFS UNIX EXPLOIT - FTP (Request) | | 2020/05/11 | DDI RULE 4393 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4393 | |
| DDI RULE 4394 | CVE-2020-2883 - WEBLOGIC T3 EXPLOIT - TCP (REQUEST) | | 2020/05/11 | DDI RULE 4394 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4394 | |
| DDI RULE 1641 | CVE-2014-6277 - SHELLSHOCK HTTP Exploit | | 2020/05/11 | DDI RULE 1641 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1641 | |
| DDI RULE 1642 | CVE-2014-6278 - SHELLSHOCK HTTP Exploit | | 2020/05/11 | DDI RULE 1642 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1642 | |
| DDI RULE 4387 | Possible SoftEther VPN Client - HTTPS (REQUEST) | | 2020/05/06 | DDI RULE 4387 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4387 | |
| DDI RULE 4386 | CVE-2020-3952 - VSPHERE EXPLOIT - LDAP (Request) | | 2020/05/05 | DDI RULE 4386 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4386 | |
| DDI RULE 4385 | Invalid Credentials - LDAP (Response) | | 2020/05/04 | DDI RULE 4385 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4385 | |
| DDI RULE 4384 | UNIX IFS SHELL RCE - HTTP (Request) | | 2020/04/29 | DDI RULE 4384 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4384 | |
| DDI RULE 1502 | Possible Malformed Heartbeat SSL Response - Class 1 | | 2020/04/29 | DDI RULE 1502 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1502 | |
| DDI RULE 1503 | Possible Malformed Heartbeat SSL Response - Class 2 | | 2020/04/29 | DDI RULE 1503 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1503 | |
| DDI RULE 2363 | QAKBOT - Malicious certificate - SSL | | 2020/04/28 | DDI RULE 2363 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2363 | |
| DDI RULE 2412 | TRICKBOT - Malicious certificate - SSL | | 2020/04/28 | DDI RULE 2412 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2412 | |
| DDI RULE 2005 | Possible EDELLROOT certificate detected | | 2020/04/28 | DDI RULE 2005 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2005 | |
| DDI RULE 4382 | CGIBIN Unauthenticated Remote Code Execution - HTTP (REQUEST) - Variant 2 | | 2020/04/27 | DDI RULE 4382 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4382 | |
| DDI RULE 4381 | Possible Pseudorandom Subdomain Attack - DNS (Response) | | 2020/04/23 | DDI RULE 4381 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4381 | |
| DDI RULE 4249 | NEGASTEAL - SMTP (Request) | | 2020/04/22 | DDI RULE 4249 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4249 | |
| DDI RULE 4297 | PAEXEC - SMB2 (REQUEST) | | 2020/04/21 | DDI RULE 4297 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4297 | |
| DDI RULE 2342 | IMEIJ - TCP | | 2020/04/21 | DDI RULE 2342 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2342 | |
| DDI RULE 1183 | ZBOT - DNS (Request) | | 2020/04/20 | DDI RULE 1183 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1183 | |
| DDI RULE 4337 | INFOSTEALER - HTTP (REQUEST) | | 2020/04/13 | DDI RULE 4337 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4337 | |
| DDI RULE 4376 | VALTAK - HTTP (REQUEST) - Variant 2 | | 2020/04/02 | DDI RULE 4376 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4376 | |
| DDI RULE 4377 | VALTAK - HTTP (REQUEST) | | 2020/04/02 | DDI RULE 4377 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4377 | |
| DDI RULE 4378 | PWNAGE - DNS (Response) | | 2020/04/02 | DDI RULE 4378 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4378 | |
| DDI RULE 2610 | Possible MEMCACHED Amplified DDOS Attempt - UDP (Request) | | 2020/03/30 | DDI RULE 2610 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2610 | |
| DDI RULE 2584 | POSGERAT Data Exfiltration - DNS (Response) | | 2020/03/30 | DDI RULE 2584 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2584 | |
| DDI RULE 4199 | Amazon Phishing - DNS (Response) | | 2020/03/30 | DDI RULE 4199 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4199 | |
| DDI RULE 2280 | DUNIHI - TCP | | 2020/03/30 | DDI RULE 2280 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2280 | |
| DDI RULE 2308 | Possible DGA - DNS (Response) | | 2020/03/30 | DDI RULE 2308 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2308 | |
| DDI RULE 4239 | VBulletin Remote Command Execution - HTTP (Request) | | 2020/03/25 | DDI RULE 4239 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4239 | |
| DDI RULE 4265 | CVE-2019-16663 - RCONFIG RCE EXPLOIT - HTTP (REQUEST) | | 2020/03/24 | DDI RULE 4265 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4265 | |
| DDI RULE 4374 | NETLINK GPON RCE EXPLOIT - HTTP(Request) | | 2020/03/24 | DDI RULE 4374 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4374 | |
| DDI RULE 4375 | CVE-2020-10221 - RCONFIG RCE EXPLOIT - HTTP (REQUEST) | | 2020/03/24 | DDI RULE 4375 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4375 | |
| DDI RULE 4362 | CVE-2020-9054 - ZYXEL NAS - HTTP (REQUEST) | | 2020/03/23 | DDI RULE 4362 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4362 | |
| DDI RULE 2871 | Possible Directory Traversal Exploit Attempted - URI Variable/URI Path - HTTP (Request) | | 2020/03/19 | DDI RULE 2871 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2871 | |
| DDI RULE 1184 | Possible Directory Traversal Exploit Attempted - Messagebody - HTTP (Request) | | 2020/03/19 | DDI RULE 1184 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1184 | |
| DDI RULE 4347 | Suspicious Cgi Directory Traversal - HTTP (Request) - Variant 2 | | 2020/03/18 | DDI RULE 4347 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4347 | |
| DDI RULE 4223 | APT - Suspicious Cgi - HTTP (Request) | | 2020/03/18 | DDI RULE 4223 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4223 | |
| DDI RULE 4366 | Suspicious Cgi Directory Traversal - HTTP (Request) - Variant 3 | | 2020/03/18 | DDI RULE 4366 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4366 | |
| DDI RULE 4348 | Suspicious Cgi Arbitrary File Upload - HTTP (Request) | | 2020/03/17 | DDI RULE 4348 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4348 | |
| DDI RULE 4338 | Suspicious File Upload - HTTP (Request) | | 2020/03/17 | DDI RULE 4338 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4338 | |
| DDI RULE 4365 | CVE-2020-0796 - SERVER COMPRESSION TRANSFORM EXPLOIT - SMB3 (Request) | | 2020/03/16 | DDI RULE 4365 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4365 | |
| DDI RULE 4367 | CVE-2020-9351 - SMARTCLIENT - Exploit - HTTP (Request) | | 2020/03/16 | DDI RULE 4367 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4367 | |
| DDI RULE 4368 | CVE-2020-9353 - SMARTCLIENT Directory Traversal Exploit - HTTP (Request) | | 2020/03/16 | DDI RULE 4368 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4368 | |
| DDI RULE 4369 | CVE-2020-9353 - SMARTCLIENT File Upload Exploit - HTTP (Request) | | 2020/03/16 | DDI RULE 4369 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4369 | |
| DDI RULE 4370 | CCTV-DVR Remote Code Execution - HTTP (Request) - Variant 2 | | 2020/03/16 | DDI RULE 4370 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4370 | |
| DDI RULE 4371 | CVE-2020-8515 - DRAYTEK VIGOR Remote Code Execution Exploit - HTTP (Request) | | 2020/03/16 | DDI RULE 4371 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4371 | |
| DDI RULE 2385 | SOAP RCE EXPLOIT - HTTP (Request) | | 2020/03/12 | DDI RULE 2385 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2385 | |
| DDI RULE 4364 | RACCOON - HTTP (REQUEST) | | 2020/03/11 | DDI RULE 4364 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4364 | |
| DDI RULE 2867 | BELKIN Router - HTTP (Request) - Variant 2 | | 2020/03/11 | DDI RULE 2867 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2867 | |
| DDI RULE 2868 | ZTE Router - HTTP (Request) - Variant 2 | | 2020/03/11 | DDI RULE 2868 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2868 | |
| DDI RULE 4363 | VIRTUALFREER RCE EXPLOIT - HTTP (REQUEST) | | 2020/03/09 | DDI RULE 4363 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4363 | |
| DDI RULE 4361 | DLINK Command Injection Exploit - HTTP (Request) - Variant 4 | | 2020/03/09 | DDI RULE 4361 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4361 | |
| DDI RULE 4360 | Comtrend - Remote Command Execution Exploit - HTTP (REQUEST) | | 2020/03/05 | DDI RULE 4360 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4360 | |
| DDI RULE 4357 | CVE-2020-0688 - Microsoft Exchange Validation Key Remote Code Execution - HTTP (Request) | | 2020/03/05 | DDI RULE 4357 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4357 | |
| DDI RULE 4358 | Cloud Snooper - TCP Connection | | 2020/03/05 | DDI RULE 4358 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4358 | |
| DDI RULE 4359 | CVE-2020-9374 - TPLINK RCE EXPLOIT - HTTP (REQUEST) | | 2020/03/05 | DDI RULE 4359 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4359 | |
| DDI RULE 4316 | D-Link Unauthenticated Remote Code Execution in HTTP_ST - UDP (Request) | | 2020/03/05 | DDI RULE 4316 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4316 | |
| DDI RULE 4351 | CVE-2020-8813 - CACTI RCE EXPLOIT - HTTP (REQUEST) | | 2020/03/04 | DDI RULE 4351 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4351 | |
| DDI RULE 4356 | CVE-2019-17564 - Apache Dubbo Unauthenticated Remote Code Execution Exploit - HTTP (Request) | | 2020/03/04 | DDI RULE 4356 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4356 | |
| DDI RULE 4353 | CVE-2019-19356 - NETIS Remote Code Execution - HTTP (Request) | | 2020/03/03 | DDI RULE 4353 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4353 | |
| DDI RULE 4354 | CVE-2020-1938 - TOMCAT AJP LFI EXPLOIT - TCP (Request) | | 2020/03/03 | DDI RULE 4354 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4354 | |
| DDI RULE 4287 | OpenNetAdmin Remote Code Execution Exploit (Request) | | 2020/03/03 | DDI RULE 4287 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4287 | |
| DDI RULE 4352 | ICMP SWEEP - ICMP (Request) | | 2020/02/26 | DDI RULE 4352 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4352 | |
| DDI RULE 4350 | CVE-2020-0618 - SQL Server Reporting Services Remote Code Execution Exploit - HTTP (Request) | | 2020/02/25 | DDI RULE 4350 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4350 | |
| DDI RULE 4328 | CVE-2019-20224 - Pandora FMS 7.0NG Authenticated Remote Code Execution Exploit - HTTP (Request) | | 2020/02/25 | DDI RULE 4328 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4328 | |
| DDI RULE 2912 | CVE-2019-0604 SharePoint Remote Code Execution Exploit - HTTP (Request) | | 2020/02/24 | DDI RULE 2912 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2912 | |
| DDI RULE 4346 | Bottle - Exploit Kit - HTTP (Request) | | 2020/02/19 | DDI RULE 4346 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4346 | |
| DDI RULE 4345 | EMOTET - HTTP (Request) - Variant 7 | | 2020/02/13 | DDI RULE 4345 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4345 | |
| DDI RULE 4341 | WAGO PFC200 RCE EXPLOIT - HTTP (REQUEST) | | 2020/02/12 | DDI RULE 4341 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4341 | |
| DDI RULE 4343 | AVCON6 Remote Code Execution Exploit - HTTP (Request) | | 2020/02/12 | DDI RULE 4343 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4343 | |
| DDI RULE 4344 | CHEVERETO Remote Code Execution Exploit - HTTP (Request) | | 2020/02/12 | DDI RULE 4344 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4344 | |
| DDI RULE 4320 | EMOTET - HTTP (Request) - Variant 6 | | 2020/02/12 | DDI RULE 4320 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4320 | |
| DDI RULE 4314 | CVE-2019-17621 - DLINK Remote Code Execution - HTTP (Request) | | 2020/02/11 | DDI RULE 4314 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4314 | |
| DDI RULE 4315 | CVE-2019-9692 - CMS Made Simple Showtime2 Arbitrary File Upload Exploit - HTTP (Request) | | 2020/02/11 | DDI RULE 4315 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4315 | |
| DDI RULE 4329 | KindEditor Possible WebShell File Upload Exploit - HTTP (Request) | | 2020/02/11 | DDI RULE 4329 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4329 | |
| DDI RULE 4331 | CVE-2020-6757 - PIXELSTOR Remote Code Execution Exploit - HTTP (Request) | | 2020/02/11 | DDI RULE 4331 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4331 | |
| DDI RULE 4332 | CVE-2017-9841 - PHPUnit Remote Code Execution Exploit - HTTP (Request) | | 2020/02/11 | DDI RULE 4332 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4332 | |
| DDI RULE 4310 | CVE-2018-9021 - BROADCOM ACCESS MANAGER Remote Code Execution Exploit - HTTP (Request) | | 2020/02/11 | DDI RULE 4310 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4310 | |
| DDI RULE 4286 | CVE-2017-12945 - Mersive Solstice Remote Code Execution Exploit (Request) | | 2020/02/11 | DDI RULE 4286 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4286 | |
| DDI RULE 4342 | CVE-2020-7247 - OPENSMTPD RCE EXPLOIT - SMTP (REQUEST) | | 2020/02/11 | DDI RULE 4342 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4342 | |
| DDI RULE 4334 | CVE-2020-7799 - FUSIONAUTH Remote Code Execution Exploit - HTTP (Request) | | 2020/02/11 | DDI RULE 4334 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4334 | |
| DDI RULE 4335 | CVE-2020-7980 - Satellian Remote Code Execution - HTTP (Request) | | 2020/02/11 | DDI RULE 4335 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4335 | |
| DDI RULE 4288 | CVE-2019-5071 - TENDA RCE EXPLOIT - HTTP (REQUEST) | | 2020/02/11 | DDI RULE 4288 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4288 | |
| DDI RULE 4289 | CVE-2019-5072 - TENDA RCE EXPLOIT - HTTP (REQUEST) | | 2020/02/11 | DDI RULE 4289 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4289 | |
| DDI RULE 4275 | CVE-2019-7256 - LINEAR EMERGE Remote Code Execution Exploit - HTTP (Request) | | 2020/02/11 | DDI RULE 4275 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4275 | |
| DDI RULE 4270 | APACHE SOLR Remote Code Execution Exploit - HTTP (Request) | | 2020/02/11 | DDI RULE 4270 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4270 | |
| DDI RULE 4340 | ASTPP VOIP RCE EXPLOIT - HTTP (REQUEST) | | 2020/02/10 | DDI RULE 4340 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4340 | |
| DDI RULE 4336 | CVE-2019-19509 - rConfig Authenticated Remote Code Execution - HTTP (Request) | | 2020/02/06 | DDI RULE 4336 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4336 | |
| DDI RULE 2143 | SQLINJECT - HTTP (Request) | | 2020/02/05 | DDI RULE 2143 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2143 | |
| DDI RULE 4294 | CVE-2019-1485 - VBScript Rremote Code Execution - HTTP (Request) | | 2020/02/03 | DDI RULE 4294 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4294 | |
| DDI RULE 4330 | CVE-2020-0601 Spoofed Certificate Attempt - TLS (Response) | | 2020/01/22 | DDI RULE 4330 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4330 | |
| DDI RULE 4326 | APT - BISONAL - HTTP (Request) | | 2020/01/22 | DDI RULE 4326 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4326 | |
| DDI RULE 4327 | CVE-2019-19781 - CITRIX ADC EXPLOIT - HTTP (Response) | | 2020/01/20 | DDI RULE 4327 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4327 | |
| DDI RULE 4317 | APT - GH0STRAT - HTTP (Request) | | 2020/01/14 | DDI RULE 4317 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4317 | |
| DDI RULE 1588 | TROJAN - HTTP (Request) - Variant 47 | | 2020/01/06 | DDI RULE 1588 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1588 | |
| DDI RULE 1572 | TROJAN - HTTP (Request) - Variant 43 | | 2020/01/06 | DDI RULE 1572 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1572 | |
| DDI RULE 2099 | NYMAIM - HTTP (Request) | | 2020/01/02 | DDI RULE 2099 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2099 | |
| DDI RULE 2100 | NYMAIM - HTTP (Request) - Variant 2 | | 2020/01/02 | DDI RULE 2100 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2100 | |
| DDI RULE 4312 | Umbraco CMS Remote Code Execution - HTTP (Request) - Variant 2 | | 2020/01/02 | DDI RULE 4312 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4312 | |
| DDI RULE 2710 | FLAWEDAMMYY - TCP (Request) | | 2019/12/30 | DDI RULE 2710 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2710 | |
| DDI RULE 2878 | APT - POORWEB - HTTP (Request) | | 2019/12/23 | DDI RULE 2878 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2878 | |
| DDI RULE 4308 | KSDOOR - HTTP (REQUEST) - Variant 2 | | 2019/12/23 | DDI RULE 4308 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4308 | |
| DDI RULE 4306 | SQL INJECTION - EXPLOIT - HTTP (REQUEST) | | 2019/12/23 | DDI RULE 4306 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4306 | |
| DDI RULE 4307 | PUPY - Malicious Certificate - HTTPS (Response) | | 2019/12/19 | DDI RULE 4307 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4307 | |
| DDI RULE 4302 | Umbraco CMS Remote Code Execution - HTTP (Request) | | 2019/12/17 | DDI RULE 4302 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4302 | |
| DDI RULE 4299 | Remote Service execution through SMB2 SVCCTL detected | | 2019/12/16 | DDI RULE 4299 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4299 | |
| DDI RULE 4292 | MALPHISH - HTTP (REQUEST) - Variant 4 | | 2019/12/16 | DDI RULE 4292 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4292 | |
| DDI RULE 4293 | APACHE FLINK FILE UPLOAD EXPLOIT - HTTP (REQUEST) | | 2019/12/10 | DDI RULE 4293 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4293 | |
| DDI RULE 4295 | POSSIBLE JSP WEBSHELL UPLOAD EXPLOIT - HTTP (REQUEST) | | 2019/12/10 | DDI RULE 4295 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4295 | |
| DDI RULE 4290 | VIDAR - HTTP (Request) | | 2019/12/09 | DDI RULE 4290 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4290 | |
| DDI RULE 4281 | CVE-2019-15683 - TURBOVNC Buffer Overflow Exploit - TCP (REQUEST) | | 2019/12/09 | DDI RULE 4281 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4281 | |
| DDI RULE 4282 | CVE-2019-8274 - UltraVNC Buffer Overflow Exploit - TCP (REQUEST) | | 2019/12/09 | DDI RULE 4282 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4282 | |
| DDI RULE 4283 | CVE-2019-8276 - UltraVNC Buffer Overflow Exploit - TCP (REQUEST) | | 2019/12/09 | DDI RULE 4283 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4283 | |
| DDI RULE 4252 | CVE-2019-11540 Pulse Secure Cross-Site Script Inclusion - HTTP (Request) | | 2019/12/09 | DDI RULE 4252 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4252 | |
| DDI RULE 4253 | CVE-2019-11507 Pulse Secure Cross-Site Scripting - HTTP (Request) | | 2019/12/09 | DDI RULE 4253 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4253 | |
| DDI RULE 4254 | CVE-2019-11542 Pulse Secure Stack Buffer Overflow - HTTP (Request) | | 2019/12/09 | DDI RULE 4254 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4254 | |
| DDI RULE 4255 | CVE-2019-11539 Pulse Secure Command Injection - HTTP (Request) | | 2019/12/09 | DDI RULE 4255 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4255 | |
| DDI RULE 4245 | PHPSTUDY - HTTP (REQUEST) | | 2019/12/05 | DDI RULE 4245 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4245 | |
| DDI RULE 4246 | Possible CVE-2019-16928 - Exim Buffer Overflow Exploit - SMTP (Request) | | 2019/12/05 | DDI RULE 4246 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4246 | |
| DDI RULE 4228 | XSS Href Exploit - HTTP (Request) | | 2019/12/05 | DDI RULE 4228 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4228 | |
| DDI RULE 4229 | YEALINK VOIP - COMMAND INJECTION - HTTP (Request) | | 2019/12/05 | DDI RULE 4229 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4229 | |
| DDI RULE 4243 | APT - SUSPICIOUS CGI DIRECTORY TRAVERSAL - HTTP (REQUEST) | | 2019/12/05 | DDI RULE 4243 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4243 | |
| DDI RULE 4240 | PANMICRO ECO RCE EXPLOIT - HTTP (REQUEST) | | 2019/12/05 | DDI RULE 4240 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4240 | |
| DDI RULE 4241 | BHU WIFI RCE EXPLOIT - HTTP (REQUEST) | | 2019/12/05 | DDI RULE 4241 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4241 | |
| DDI RULE 4224 | CVE-2019-15846 EXIM TLS Flaw - HTTPS (Request) | | 2019/12/05 | DDI RULE 4224 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4224 | |
| DDI RULE 4205 | Register Shutdown Function Webshell - HTTP (Request) | | 2019/12/05 | DDI RULE 4205 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4205 | |
| DDI RULE 4206 | AXIS2 GETSHELL - COMMAND INJECTION - HTTP (Request) | | 2019/12/05 | DDI RULE 4206 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4206 | |
| DDI RULE 4220 | RIG - Exploit Kit - HTTP (Request) - Variant 8 | | 2019/12/05 | DDI RULE 4220 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4220 | |
| DDI RULE 4221 | Jenkins RCE Exploit - HTTP (Request)- Variant 2 | | 2019/12/05 | DDI RULE 4221 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4221 | |
| DDI RULE 4237 | CVE-2019-5475 - Nexus Repo Manager Remote Code Execution Exploit - HTTP (Request) | | 2019/12/05 | DDI RULE 4237 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4237 | |
| DDI RULE 4238 | CVE-2019-12922 - PHPMYADMIN CSRF - HTTP (Request) | | 2019/12/05 | DDI RULE 4238 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4238 | |
| DDI RULE 4231 | APT - SUSPICIOUS CGI - HTTP (Request) | | 2019/12/05 | DDI RULE 4231 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4231 | |
| DDI RULE 4232 | EMOTET - HTTP (Request) - Variant 5 | | 2019/12/05 | DDI RULE 4232 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4232 | |
| DDI RULE 4233 | Data Exfiltration - DNS (Response) - Variant 2 | | 2019/12/05 | DDI RULE 4233 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4233 | |
| DDI RULE 4234 | TFLOWER - Malicious Certificate - HTTPS (Response) | | 2019/12/05 | DDI RULE 4234 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4234 | |
| DDI RULE 4174 | DNS Changer Exploit - HTTP (Request) | | 2019/12/05 | DDI RULE 4174 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4174 | |
| DDI RULE 4175 | LORD - Exploit Kit - HTTP (Response) | | 2019/12/05 | DDI RULE 4175 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4175 | |
| DDI RULE 4182 | TREVOR - HTTP (Response) - Variant 2 | | 2019/12/05 | DDI RULE 4182 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4182 | |
| DDI RULE 4183 | Xfinity Gateway RCE Exploit - HTTP (Request) | | 2019/12/05 | DDI RULE 4183 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4183 | |
| DDI RULE 4184 | Homematic RCE Exploit - HTTP (Request) | | 2019/12/05 | DDI RULE 4184 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4184 | |
| DDI RULE 4185 | NXT Eyelock RCE Exploit - HTTP (Request) | | 2019/12/05 | DDI RULE 4185 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4185 | |
| DDI RULE 4186 | Sapido RCE Exploit - HTTP (Request) | | 2019/12/05 | DDI RULE 4186 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4186 | |
| DDI RULE 4187 | FLIR - Command Injection - HTTP (Request) | | 2019/12/05 | DDI RULE 4187 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4187 | |
| DDI RULE 4189 | Beward N100 RCE Exploit - HTTP (Request) | | 2019/12/05 | DDI RULE 4189 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4189 | |
| DDI RULE 4190 | RAIL RCE Exploit - HTTP (Request) | | 2019/12/05 | DDI RULE 4190 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4190 | |
| DDI RULE 4191 | CVE-2017-11774 MS Outlook Security Bypass Remote Code Execution - HTTP (Request) | | 2019/12/05 | DDI RULE 4191 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4191 | |
| DDI RULE 4192 | IRIS Remote Command Execution - HTTP (Request) | | 2019/12/05 | DDI RULE 4192 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4192 | |
| DDI RULE 4193 | CVE-2019-9511 Data Dribble - HTTP2 (Request) | | 2019/12/05 | DDI RULE 4193 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4193 | |
| DDI RULE 4194 | CVE-2019-9512 PING Flood - HTTP2 (Request) | | 2019/12/05 | DDI RULE 4194 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4194 | |
| DDI RULE 4195 | CVE-2019-9515 SETTINGS Flood - HTTP2 (Request) | | 2019/12/05 | DDI RULE 4195 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4195 | |
| DDI RULE 4196 | CVE-2019-9517 Internal Data Buffering - HTTP2 (Request) | | 2019/12/05 | DDI RULE 4196 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4196 | |
| DDI RULE 4197 | CVE-2019-9518 Empty Frames Flood - HTTP2 (Request) | | 2019/12/05 | DDI RULE 4197 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4197 | |
| DDI RULE 4198 | ANUBIS - HTTP (Request) | | 2019/12/05 | DDI RULE 4198 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4198 | |
| DDI RULE 4219 | GHOSTMINER - HTTP (Request) | | 2019/12/05 | DDI RULE 4219 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4219 | |
| DDI RULE 4210 | MEDUSA - HTTP (Request) | | 2019/12/05 | DDI RULE 4210 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4210 | |
| DDI RULE 4211 | CLIPSA - HTTP (Request) | | 2019/12/05 | DDI RULE 4211 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4211 | |
| DDI RULE 4212 | Possible Bruteforce - HTTP (Request) | | 2019/12/05 | DDI RULE 4212 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4212 | |
| DDI RULE 4213 | RETADUP - HTTP (Response) | | 2019/12/05 | DDI RULE 4213 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4213 | |
| DDI RULE 4214 | CVE-2019-1181 Chopper Compression Overflow Remote Code Execution - RDP (Request) - Variant 2 | | 2019/12/05 | DDI RULE 4214 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4214 | |
| DDI RULE 4215 | CVE-2019-1182 Chopper Compression Overflow Remote Code Execution - RDP (Request) - Variant 2 | | 2019/12/05 | DDI RULE 4215 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4215 | |
| DDI RULE 4216 | BLUEANGEL - Comand Injection - HTTP (Request) | | 2019/12/05 | DDI RULE 4216 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4216 | |
| DDI RULE 4208 | CVE-2019-12989 - CITRIX SDWAN AUTH BYPASS - HTTP (Request) | | 2019/12/05 | DDI RULE 4208 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4208 | |
| DDI RULE 4209 | WEBMIN RCE Exploit - HTTP (Request) | | 2019/12/05 | DDI RULE 4209 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4209 | |
| DDI RULE 4200 | CVE-2015-4051 - BECKHOFF RCE - HTTP (Request) | | 2019/12/05 | DDI RULE 4200 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4200 | |
| DDI RULE 4201 | CVE-2019-1181 Chopper Compression Overflow Remote Code Execution - RDP (Request) | | 2019/12/05 | DDI RULE 4201 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4201 | |
| DDI RULE 4202 | CVE-2019-1182 Chopper Compression Overflow Remote Code Execution - RDP (Request) | | 2019/12/05 | DDI RULE 4202 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4202 | |
| DDI RULE 4203 | Possible CVE-2019-1224 Server Information Disclosure Exploit - RDP (Response) | | 2019/12/05 | DDI RULE 4203 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4203 | |
| DDI RULE 4177 | CVE-2019-12815 ProFTPD Remote Code Execution - FTP (Request) | | 2019/12/05 | DDI RULE 4177 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4177 | |
| DDI RULE 4178 | XYMON RCE Exploit - HTTP (Request) | | 2019/12/05 | DDI RULE 4178 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4178 | |
| DDI RULE 4179 | CVE-2017-8917 - JOOMLA - HTTP (Request) | | 2019/12/05 | DDI RULE 4179 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4179 | |
| DDI RULE 4180 | BASHLITE - TCP (Request) | | 2019/12/05 | DDI RULE 4180 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4180 | |
| DDI RULE 2901 | CVE-2014-0160 Malformed Heartbeat - SSL (Response) - Variant 2 | | 2019/12/02 | DDI RULE 2901 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2901 | |
| DDI RULE 2756 | Possible ADWIND - Malicious Certificate - HTTPS (Response) | | 2019/12/02 | DDI RULE 2756 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2756 | |
| DDI RULE 2760 | DRIDEX - Malicious certificate - SSL - Variant 2 | | 2019/12/02 | DDI RULE 2760 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2760 | |
| DDI RULE 2635 | Abnormal x509v3 Subject Key Identifier extension - HTTPS (Response) | | 2019/12/02 | DDI RULE 2635 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2635 | |
| DDI RULE 2636 | Executable File inside Certificate - HTTPS (Response) | | 2019/12/02 | DDI RULE 2636 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2636 | |
| DDI RULE 2562 | Signed Malware Certificate - SSL | | 2019/12/02 | DDI RULE 2562 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2562 | |
| DDI RULE 2049 | LETSENCRYPT SSL CERTIFICATE - HTTP (Response) | | 2019/12/02 | DDI RULE 2049 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2049 | |
| DDI RULE 1789 | Identified Usage Of RC4 Cipher Suite - HTTPS | | 2019/12/02 | DDI RULE 1789 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1789 | |
| DDI RULE 1795 | Identified Usage Of TLS/SSL EXPORT Cipher Suite | | 2019/12/02 | DDI RULE 1795 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1795 | |
| DDI RULE 2263 | ELFREXDDOS - Ransomware - KADEMLIA P2P - SSL | | 2019/12/02 | DDI RULE 2263 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2263 | |
| DDI RULE 1645 | Possible Self-Signed SSL certificate detected | | 2019/12/02 | DDI RULE 1645 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1645 | |
| DDI RULE 1654 | Identified CBC Based Cipher Suite In SSLv3 Request | | 2019/12/02 | DDI RULE 1654 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1654 | |
| DDI RULE 1276 | VAWTRAK - HTTP (Request) | | 2019/12/02 | DDI RULE 1276 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1276 | |
| DDI RULE 2902 | SAP Gateway Remote Code Execution Exploit - TCP | | 2019/11/28 | DDI RULE 2902 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2902 | |
| DDI RULE 2903 | Oracle Weblogic Remote Command Execution Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 2903 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2903 | |
| DDI RULE 2904 | Possible IE Exploit - HTTP (Response) - Variant 5 | | 2019/11/28 | DDI RULE 2904 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2904 | |
| DDI RULE 2905 | Possible IE Exploit - HTTP (Response) - Variant 6 | | 2019/11/28 | DDI RULE 2905 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2905 | |
| DDI RULE 2888 | FASTJSON Deserialization Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 2888 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2888 | |
| DDI RULE 2907 | CVE-2019-2616 ORACLE BI Pusblisher XXE Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 2907 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2907 | |
| DDI RULE 2908 | CVE-2018-16509 GHOSTSCRIPT UNAUTHENTICATED - HTTP (Request) | | 2019/11/28 | DDI RULE 2908 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2908 | |
| DDI RULE 2911 | HYPERSHELL - WEBSHELL - HTTP (Request) | | 2019/11/28 | DDI RULE 2911 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2911 | |
| DDI RULE 2919 | DLINK DWL 26000AP RCE EXPLOIT - HTTP (Request) | | 2019/11/28 | DDI RULE 2919 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2919 | |
| DDI RULE 2914 | CVE-2018-15961 - Adobe Cold Fusion Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 2914 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2914 | |
| DDI RULE 2915 | ASLIROR - HTTP (Request) | | 2019/11/28 | DDI RULE 2915 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2915 | |
| DDI RULE 2916 | FUNARECHBOT - TCP (Request) | | 2019/11/28 | DDI RULE 2916 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2916 | |
| DDI RULE 2917 | CVE-2019-3719 Dell Support Assist RCE - HTTP (Request) | | 2019/11/28 | DDI RULE 2917 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2917 | |
| DDI RULE 2891 | EMPIRE - HTTP (Request) - Variant 3 | | 2019/11/28 | DDI RULE 2891 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2891 | |
| DDI RULE 2892 | NAMECOIN - HTTP (Request) | | 2019/11/28 | DDI RULE 2892 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2892 | |
| DDI RULE 2894 | CVE-2019-0192 Apache SOLR RCE Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 2894 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2894 | |
| DDI RULE 2895 | CVE-2014-9727 Fritz RCE Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 2895 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2895 | |
| DDI RULE 2896 | Fritz RCE Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 2896 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2896 | |
| DDI RULE 2897 | EMOTET - HTTP (Request) - Variant 4 | | 2019/11/28 | DDI RULE 2897 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2897 | |
| DDI RULE 2898 | Weblogic Unauthenticated RCE Exploit- HTTP (Request) | | 2019/11/28 | DDI RULE 2898 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2898 | |
| DDI RULE 2940 | CISCO RV Routers RCE Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 2940 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2940 | |
| DDI RULE 2941 | Possible CVE-2019-1663 CISCO RV Routers Buffer Overflow Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 2941 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2941 | |
| DDI RULE 2942 | CVE-2019-1003000 - JENKINS - HTTP (Request) | | 2019/11/28 | DDI RULE 2942 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2942 | |
| DDI RULE 2943 | CVE-2013-5758 Yealink VoIP Phone SIP-T38G RCE - HTTP (Request) | | 2019/11/28 | DDI RULE 2943 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2943 | |
| DDI RULE 2944 | Seowon Intech WiMAX SWC-9100 RCE - HTTP (Request) | | 2019/11/28 | DDI RULE 2944 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2944 | |
| DDI RULE 2945 | CVE-2019-10149 Exim Remote Code Execution Exploit - SMTP (Request) | | 2019/11/28 | DDI RULE 2945 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2945 | |
| DDI RULE 2947 | Possible CVE-2019-0227 Apache Axis Expired Domain to RCE - HTTP (Request) | | 2019/11/28 | DDI RULE 2947 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2947 | |
| DDI RULE 2920 | JNAP Information Disclosure Attempt - HTTP (Request) | | 2019/11/28 | DDI RULE 2920 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2920 | |
| DDI RULE 2949 | CVE-2013-5948 Asus device Remote code Execution Exploit- HTTP (Request) | | 2019/11/28 | DDI RULE 2949 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2949 | |
| DDI RULE 2950 | CVE-2017-5174 - GEUTEBRUCK - Command Injection - HTTP (Request) | | 2019/11/28 | DDI RULE 2950 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2950 | |
| DDI RULE 2922 | CVE-2014-6287 Rejetto HttpFileServer RCE Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 2922 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2922 | |
| DDI RULE 2923 | BLASQUI Webshell - HTTP (Request) | | 2019/11/28 | DDI RULE 2923 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2923 | |
| DDI RULE 2924 | Possible PHP Admin Bruteforce - HTTP (Request) | | 2019/11/28 | DDI RULE 2924 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2924 | |
| DDI RULE 2925 | HAWKEYE - SMTP (Request) | | 2019/11/28 | DDI RULE 2925 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2925 | |
| DDI RULE 2926 | WePresent WiPG1000 Command Injection - HTTP (Request) | | 2019/11/28 | DDI RULE 2926 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2926 | |
| DDI RULE 2927 | Possible WEBSHELL Command - HTTP (Request) | | 2019/11/28 | DDI RULE 2927 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2927 | |
| DDI RULE 2928 | EANVER Webshell - HTTP (Request) | | 2019/11/28 | DDI RULE 2928 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2928 | |
| DDI RULE 2929 | Hadoop Yarn RCE Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 2929 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2929 | |
| DDI RULE 2930 | Possible RIG Exploit Kit - HTTP (Request) | | 2019/11/28 | DDI RULE 2930 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2930 | |
| DDI RULE 2931 | HIDDENWASP - TCP (Request) | | 2019/11/28 | DDI RULE 2931 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2931 | |
| DDI RULE 2932 | HIDDENWASP - TCP (Response) | | 2019/11/28 | DDI RULE 2932 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2932 | |
| DDI RULE 2933 | HIDDENWASP - TCP Connection | | 2019/11/28 | DDI RULE 2933 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2933 | |
| DDI RULE 2934 | LG NAS - Command Injection - HTTP (Request) | | 2019/11/28 | DDI RULE 2934 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2934 | |
| DDI RULE 2935 | OPENDREAMBOX - Command Injection - HTTP (Request) | | 2019/11/28 | DDI RULE 2935 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2935 | |
| DDI RULE 2936 | CVE-2019-3929 - BLACKBOX - COMMAND INJECTION - HTTP (Request) | | 2019/11/28 | DDI RULE 2936 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2936 | |
| DDI RULE 2937 | CVE-2019-10867 - PIMCORE - Unserialize RCE - HTTP (Request) | | 2019/11/28 | DDI RULE 2937 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2937 | |
| DDI RULE 2938 | Dell Kace RCE Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 2938 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2938 | |
| DDI RULE 2879 | IIS - SCANNER - HTTP (Request) | | 2019/11/28 | DDI RULE 2879 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2879 | |
| DDI RULE 2875 | CVE-2011-1966 DNS NAPTR QUERY EXPLOIT - DNS (Response) | | 2019/11/28 | DDI RULE 2875 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2875 | |
| DDI RULE 2876 | PCASTLE - HTTP (Response) | | 2019/11/28 | DDI RULE 2876 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2876 | |
| DDI RULE 2877 | CVE-2019-0232 Apache Tomcat RCE - HTTP (Request) | | 2019/11/28 | DDI RULE 2877 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2877 | |
| DDI RULE 2811 | CVE-2018-15887 Asus device Remote code Execution Exploit- HTTP (Request) | | 2019/11/28 | DDI RULE 2811 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2811 | |
| DDI RULE 4170 | CVE-2017-11357 TELERIK File Upload Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 4170 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4170 | |
| DDI RULE 4171 | CVE-2013-3763 - Oracle Endeca Sever - HTTP (Request) | | 2019/11/28 | DDI RULE 4171 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4171 | |
| DDI RULE 4172 | APT - TONEDEAF - HTTP (Request) | | 2019/11/28 | DDI RULE 4172 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4172 | |
| DDI RULE 4173 | GHOSTDNS - Exploit Kit - HTTP (Response) - Variant 2 | | 2019/11/28 | DDI RULE 4173 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4173 | |
| DDI RULE 4160 | NTOP RCE Exploit - HTTP (Request) - Variant 3 | | 2019/11/28 | DDI RULE 4160 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4160 | |
| DDI RULE 4161 | NTOP RCE Exploit - HTTP (Request) - Variant 4 | | 2019/11/28 | DDI RULE 4161 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4161 | |
| DDI RULE 4162 | CVE-2019-11581 Atlassian JIRA Template Injection - HTTP (Request) | | 2019/11/28 | DDI RULE 4162 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4162 | |
| DDI RULE 4163 | Possible CVE-2019-12815 ProFTPD Remote Code Execution - FTP (Request) | | 2019/11/28 | DDI RULE 4163 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4163 | |
| DDI RULE 4164 | CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request) - Variant 2 | | 2019/11/28 | DDI RULE 4164 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4164 | |
| DDI RULE 4165 | CVE-2019-7238 Nexus Repository Manager RCE Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 4165 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4165 | |
| DDI RULE 4166 | CVE-2015-4335 REDIS Eval LUA Sandbox Bypass Exploit - TCP (Request) | | 2019/11/28 | DDI RULE 4166 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4166 | |
| DDI RULE 4167 | CAMBIUM RCE Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 4167 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4167 | |
| DDI RULE 4168 | CVE-2018-15379 Cisco Prime Infrastructure Remote Command Execution - HTTP (Request) | | 2019/11/28 | DDI RULE 4168 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4168 | |
| DDI RULE 4169 | Linksys Remote Debug Root Shell- HTTP (Request) | | 2019/11/28 | DDI RULE 4169 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4169 | |
| DDI RULE 4149 | Possible CVE-2019-1040 MS NTLM Tampering Exploit - SMB (Request) | | 2019/11/28 | DDI RULE 4149 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4149 | |
| DDI RULE 4150 | POSSIBLE XSS - HTTP (Request) | | 2019/11/28 | DDI RULE 4150 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4150 | |
| DDI RULE 4151 | WANNALOCKER - Ransomware - HTTP (Request) | | 2019/11/28 | DDI RULE 4151 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4151 | |
| DDI RULE 4152 | COBALTSTRIKE - HTTP (Response) | | 2019/11/28 | DDI RULE 4152 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4152 | |
| DDI RULE 4153 | COBALTSTRIKE - HTTP (Request) - Variant 2 | | 2019/11/28 | DDI RULE 4153 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4153 | |
| DDI RULE 4154 | CVE-2019-11580 Atlassian RCE Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 4154 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4154 | |
| DDI RULE 4155 | EICAR COBALTSTRIKE - HTTP (Response) | | 2019/11/28 | DDI RULE 4155 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4155 | |
| DDI RULE 4156 | ECH0RAIX - Ransomware - HTTP (Request) | | 2019/11/28 | DDI RULE 4156 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4156 | |
| DDI RULE 4157 | NTOP RCE Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 4157 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4157 | |
| DDI RULE 4158 | Reverse TCP Stageless - TCP (Response) | | 2019/11/28 | DDI RULE 4158 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4158 | |
| DDI RULE 4159 | NTOP RCE Exploit - HTTP (Request) - Variant 2 | | 2019/11/28 | DDI RULE 4159 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4159 | |
| DDI RULE 4120 | CVE-2005-2847 Barracuda IMG.pl Remote Command Execution - HTTP (Request) | | 2019/11/28 | DDI RULE 4120 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4120 | |
| DDI RULE 4121 | Dogfood CRM spell.php Remote Command Execution - HTTP (Request) | | 2019/11/28 | DDI RULE 4121 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4121 | |
| DDI RULE 4122 | CTEK SkyRouter 4200/4300 - Command Execution - HTTP (Request) | | 2019/11/28 | DDI RULE 4122 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4122 | |
| DDI RULE 4123 | Redmine SCM Repository 0.9.x/1.0.x - Remote Command Execution - HTTP (Request) | | 2019/11/28 | DDI RULE 4123 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4123 | |
| DDI RULE 4124 | GetShell CKNIFE - HTTP (Request) | | 2019/11/28 | DDI RULE 4124 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4124 | |
| DDI RULE 4125 | Mitel Audio RCE Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 4125 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4125 | |
| DDI RULE 4127 | Suspicious PowerQuery - HTTP (Response) | | 2019/11/28 | DDI RULE 4127 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4127 | |
| DDI RULE 4130 | APT - NFLOG - HTTP (Request) - Variant 2 | | 2019/11/28 | DDI RULE 4130 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4130 | |
| DDI RULE 4131 | NANOCORE - TCP (Request) | | 2019/11/28 | DDI RULE 4131 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4131 | |
| DDI RULE 4132 | SHELLBOT - IRC (Request) | | 2019/11/28 | DDI RULE 4132 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4132 | |
| DDI RULE 4133 | ASTAROTH JSON - HTTP (Response) | | 2019/11/28 | DDI RULE 4133 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4133 | |
| DDI RULE 4136 | ECH0RAIX - Ransomware - TCP (Request) | | 2019/11/28 | DDI RULE 4136 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4136 | |
| DDI RULE 4138 | ICEDID - HTTP (Request) - Variant 2 | | 2019/11/28 | DDI RULE 4138 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4138 | |
| DDI RULE 4139 | ICEDID - HTTP (Response) | | 2019/11/28 | DDI RULE 4139 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4139 | |
| DDI RULE 2900 | Possible PNG Exploit - HTTP (Request) | | 2019/11/28 | DDI RULE 2900 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2900 | |
| DDI RULE 4140 | INFOSTEAL - HTTP (Request) - Variant 6 | | 2019/11/28 | DDI RULE 4140 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4140 | |
| DDI RULE 4276 | PREDATOR - HTTP (Request) | | 2019/11/27 | DDI RULE 4276 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4276 | |
| DDI RULE 1268 | Reverse HTTPS Meterpreter detected - Variant 2 | | 2019/11/27 | DDI RULE 1268 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1268 | |
| DDI RULE 1266 | Possible reverse https Meterpreter detected | | 2019/11/27 | DDI RULE 1266 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1266 | |
| DDI RULE 1007 | WMI Execute Method Request detected | | 2019/11/27 | DDI RULE 1007 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1007 | |
| DDI RULE 1078 | Possible TOR node certificate detected | | 2019/11/27 | DDI RULE 1078 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-1078 | |
| DDI RULE 2399 | WMIEXECUTE - DCERPC (Request) | | 2019/11/27 | DDI RULE 2399 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2399 | |
| DDI RULE 2033 | PAWXNIC - Malicious certificate - SSL | | 2019/11/27 | DDI RULE 2033 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2033 | |
| DDI RULE 4285 | POSSIBLE WEBSHELL - HTTP (REQUEST) | | 2019/11/26 | DDI RULE 4285 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4285 | |
| DDI RULE 4279 | YAMANAI - HTTP (Request) | | 2019/11/25 | DDI RULE 4279 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4279 | |
| DDI RULE 4280 | POSSIBLE USERAGENT RCE EXPLOIT - HTTP (REQUEST) | | 2019/11/25 | DDI RULE 4280 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4280 | |
| DDI RULE 4115 | CVE-2009-2288 - NAGIOS - HTTP (Request) | | 2019/11/25 | DDI RULE 4115 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4115 | |
| DDI RULE 4116 | CVE-2012-0262 - OPS5CONFIG - HTTP (Request) | | 2019/11/25 | DDI RULE 4116 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4116 | |
| DDI RULE 4117 | Spreecommerce 0.60.1 - Remote Command Execution - HTTP (Request) | | 2019/11/25 | DDI RULE 4117 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4117 | |
| DDI RULE 4118 | CVE-2007-3010 Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 Command Injection - HTTP (Request) | | 2019/11/25 | DDI RULE 4118 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4118 | |
| DDI RULE 4119 | Awstats Remote Command Injection - HTTP (Request) | | 2019/11/25 | DDI RULE 4119 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4119 | |
| DDI RULE 4100 | CVE-2010-5330 UBIQUITY Nanostation5 RCE Exploit - HTTP (Request) | | 2019/11/25 | DDI RULE 4100 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4100 | |
| DDI RULE 4101 | CVE-2019-10149 Exim Remote Code Execution Exploit - SMTP (Request) - Variant 2 | | 2019/11/25 | DDI RULE 4101 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4101 | |
| DDI RULE 4102 | WEBMIN - Command Execution - HTTP (Request) | | 2019/11/25 | DDI RULE 4102 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4102 | |
| DDI RULE 4103 | Daemon DD-WRT Unauthenticated RCE Exploit - HTTP (Request) | | 2019/11/25 | DDI RULE 4103 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4103 | |
| DDI RULE 4104 | Asmax RCE Exploit - HTTP (Request) | | 2019/11/25 | DDI RULE 4104 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4104 | |
| DDI RULE 4105 | POSSIBLE MALICIOUS CHROME EXTENSION - HTTP (Request) | | 2019/11/25 | DDI RULE 4105 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4105 | |
| DDI RULE 4106 | Gitorious Unauthenticated RCE Exploit - HTTP (Request) | | 2019/11/25 | DDI RULE 4106 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4106 | |
| DDI RULE 4107 | CVE-2011-3587 - PLONE - HTTP (Request) | | 2019/11/25 | DDI RULE 4107 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4107 | |
| DDI RULE 4108 | CVE-2003-0050 - QUICKTIME - HTTP (Request) | | 2019/11/25 | DDI RULE 4108 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4108 | |
| DDI RULE 4109 | OP5MONITOR - HTTP (Request) | | 2019/11/25 | DDI RULE 4109 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4109 | |
| DDI RULE 4110 | CVE-2005-2773 - HP OPENVIEW NETWORK NODE MANAGER- HTTP (Request) | | 2019/11/25 | DDI RULE 4110 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-4110 | |
| DDI RULE 2808 | FALLOUT - Exploit Kit - HTTP (Response) - Variant 3 | | 2019/11/25 | DDI RULE 2808 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2808 | |
| DDI RULE 2861 | ShadowHammer - DNS (Response) | | 2019/11/21 | DDI RULE 2861 | /vinfo/jp/threat-encyclopedia/network/ddi-rule-2861 |