Network Content Inspection Rules

Rule ID	Rule Description	Confidence Level	DDI Default Rule	Network Content Inspection Pattern Release Date
DDI RULE 4111	CVE-2009-5157 Linksys WAG54G2 RCE Exploit - HTTP (Request)	High		2019/08/15	DDI RULE 4111	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4111
DDI RULE 4191	CVE-2017-11774 MS Outlook Security Bypass Remote Code Execution - HTTP (Request)	Medium		2019/08/15	DDI RULE 4191	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4191
DDI RULE 4192	IRIS Remote Command Execution - HTTP (Request)	High		2019/08/15	DDI RULE 4192	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4192
DDI RULE 2289	Unsuccessful logon - FTP	Low		2019/08/15	DDI RULE 2289	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2289
DDI RULE 2290	Possible Brute force - FTP	Low		2019/08/15	DDI RULE 2290	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2290
DDI RULE 2547	NETGEAR DGN1000/DGN2200 Remote Code Execution - HTTP (Request)	High		2019/08/15	DDI RULE 2547	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2547
DDI RULE 4183	Xfinity Gateway RCE Exploit - HTTP (Request)	High		2019/08/14	DDI RULE 4183	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4183
DDI RULE 4190	RAIL RCE Exploit - HTTP (Request)	High		2019/08/14	DDI RULE 4190	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4190
DDI RULE 4187	FLIR - Command Injection - HTTP (Request)	High		2019/08/13	DDI RULE 4187	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4187
DDI RULE 4188	CVE-2014-3914 - Rocket Servergraph - RCE - HTTP (Request)	High		2019/08/13	DDI RULE 4188	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4188
DDI RULE 4189	Beward N100 RCE Exploit - HTTP (Request)	High		2019/08/13	DDI RULE 4189	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4189
DDI RULE 4166	CVE-2015-4335 REDIS Eval LUA Sandbox Bypass Exploit - TCP (Request)	High		2019/08/13	DDI RULE 4166	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4166
DDI RULE 4184	Homematic RCE Exploit - HTTP (Request)	High		2019/08/12	DDI RULE 4184	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4184
DDI RULE 4185	NXT Eyelock RCE Exploit - HTTP (Request)	High		2019/08/12	DDI RULE 4185	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4185
DDI RULE 4175	LORD - Exploit Kit - HTTP (Response)	High		2019/08/08	DDI RULE 4175	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4175
DDI RULE 4167	CAMBIUM RCE Exploit - HTTP (Request)	High		2019/08/07	DDI RULE 4167	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4167
DDI RULE 4159	NTOP RCE Exploit - HTTP (Request) - Variant 2	High		2019/08/07	DDI RULE 4159	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4159
DDI RULE 4160	NTOP RCE Exploit - HTTP (Request) - Variant 3	High		2019/08/07	DDI RULE 4160	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4160
DDI RULE 4161	NTOP RCE Exploit - HTTP (Request) - Variant 4	High		2019/08/07	DDI RULE 4161	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4161
DDI RULE 4179	CVE-2017-8917 - JOOMLA - HTTP (Request)	High		2019/08/07	DDI RULE 4179	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4179
DDI RULE 4112	CVE-2019-12094 Horde Webmail Unauthenticated RCE Exploit - HTTP (Request)	High		2019/08/07	DDI RULE 4112	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4112
DDI RULE 4114	CVE-2012-4869 PBX RCE Exploit - HTTP (Request)	High		2019/08/07	DDI RULE 4114	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4114
DDI RULE 4125	Mitel Audio RCE Exploit - HTTP (Request)	High		2019/08/07	DDI RULE 4125	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4125
DDI RULE 4150	POSSIBLE XSS - HTTP (Request)	Medium		2019/08/07	DDI RULE 4150	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4150
DDI RULE 2907	CVE-2019-2616 ORACLE BI Pusblisher XXE Exploit - HTTP (Request)	High		2019/08/07	DDI RULE 2907	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2907
DDI RULE 2914	CVE-2018-15961 - Adobe Cold Fusion Exploit - HTTP (Request)	High		2019/08/07	DDI RULE 2914	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2914
DDI RULE 2919	DLINK DWL 26000AP RCE EXPLOIT - HTTP (Request)	High		2019/08/07	DDI RULE 2919	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2919
DDI RULE 2929	Hadoop Yarn RCE Exploit - HTTP (Request)	High		2019/08/07	DDI RULE 2929	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2929
DDI RULE 2938	Dell Kace RCE Exploit - HTTP (Request)	High		2019/08/07	DDI RULE 2938	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2938
DDI RULE 2939	CVE-2018-6961 VMWARE NSX RCE EXPLOIT - HTTP (Request)	High		2019/08/07	DDI RULE 2939	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2939
DDI RULE 2940	CISCO RV Routers RCE Exploit - HTTP (Request)	High		2019/08/07	DDI RULE 2940	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2940
DDI RULE 2941	Possible CVE-2019-1663 CISCO RV Routers Buffer Overflow Exploit - HTTP (Request)	High		2019/08/07	DDI RULE 2941	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2941
DDI RULE 4100	CVE-2010-5330 UBIQUITY Nanostation5 RCE Exploit - HTTP (Request)	High		2019/08/07	DDI RULE 4100	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4100
DDI RULE 4106	Gitorious Unauthenticated RCE Exploit - HTTP (Request)	High		2019/08/07	DDI RULE 4106	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4106
DDI RULE 2485	CCTV-DVR Remote Code Execution - HTTP (Request)	High		2019/08/07	DDI RULE 2485	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2485
DDI RULE 4168	CVE-2018-15379 Cisco Prime Infrastructure Remote Command Execution - HTTP (Request)	Medium		2019/08/06	DDI RULE 4168	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4168
DDI RULE 4169	Linksys Remote Debug Root Shell- HTTP (Request)	High		2019/08/06	DDI RULE 4169	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4169
DDI RULE 4177	CVE-2019-12815 ProFTPD Remote Code Execution - FTP (Request)	High		2019/08/06	DDI RULE 4177	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4177
DDI RULE 4178	XYMON RCE Exploit - HTTP (Request)	High		2019/08/06	DDI RULE 4178	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4178
DDI RULE 4172	APT - TONEDEAF - HTTP (Request)	High		2019/08/06	DDI RULE 4172	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4172
DDI RULE 4164	CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request) - Variant 2	High		2019/08/06	DDI RULE 4164	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4164
DDI RULE 4165	CVE-2019-7238 Nexus Repository Manager RCE Exploit - HTTP (Request)	High		2019/08/06	DDI RULE 4165	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4165
DDI RULE 2639	CVE-2018-10562 - GPON Remote Code Execution - HTTP (Request)	High		2019/08/06	DDI RULE 2639	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2639
DDI RULE 4170	CVE-2017-11357 TELERIK File Upload Exploit - HTTP (Request)	High		2019/08/05	DDI RULE 4170	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4170
DDI RULE 4171	CVE-2013-3763 - Oracle Endeca Sever - HTTP (Request)	High		2019/08/05	DDI RULE 4171	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4171
DDI RULE 4173	GHOSTDNS - Exploit Kit - HTTP (Response) - Variant 2	High		2019/08/05	DDI RULE 4173	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4173
DDI RULE 4174	DNS Changer Exploit - HTTP (Request)	High		2019/08/05	DDI RULE 4174	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4174
DDI RULE 4115	CVE-2009-2288 - NAGIOS - HTTP (Request)	High		2019/08/05	DDI RULE 4115	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4115
DDI RULE 4116	CVE-2012-0262 - OPS5CONFIG - HTTP (Request)	High		2019/08/05	DDI RULE 4116	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4116
DDI RULE 4107	CVE-2011-3587 - PLONE - HTTP (Request)	Medium		2019/08/05	DDI RULE 4107	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4107
DDI RULE 4108	CVE-2003-0050 - QUICKTIME - HTTP (Request)	High		2019/08/05	DDI RULE 4108	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4108
DDI RULE 4109	OP5MONITOR - HTTP (Request)	High		2019/08/05	DDI RULE 4109	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4109
DDI RULE 4110	CVE-2005-2773 - HP OPENVIEW NETWORK NODE MANAGER- HTTP (Request)	High		2019/08/05	DDI RULE 4110	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4110
DDI RULE 4102	WEBMIN - Command Execution - HTTP (Request)	High		2019/08/05	DDI RULE 4102	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4102
DDI RULE 2942	CVE-2019-1003000 - JENKINS - HTTP (Request)	High		2019/08/05	DDI RULE 2942	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2942
DDI RULE 2948	CVE-2018-11510 - Asustor ADM - Command Injection - HTTP (Request)	High		2019/08/05	DDI RULE 2948	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2948
DDI RULE 2950	CVE-2017-5174 - GEUTEBRUCK - Command Injection - HTTP (Request)	High		2019/08/05	DDI RULE 2950	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2950
DDI RULE 2934	LG NAS - Command Injection - HTTP (Request)	High		2019/08/05	DDI RULE 2934	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2934
DDI RULE 2935	OPENDREAMBOX - Command Injection - HTTP (Request)	High		2019/08/05	DDI RULE 2935	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2935
DDI RULE 2936	CVE-2019-3929 - BLACKBOX - COMMAND INJECTION - HTTP (Request)	High		2019/08/05	DDI RULE 2936	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2936
DDI RULE 2937	CVE-2019-10867 - PIMCORE - Unserialize RCE - HTTP (Request)	High		2019/08/05	DDI RULE 2937	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2937
DDI RULE 2341	COBALTSTRIKE - HTTP (Request)	High		2019/08/05	DDI RULE 2341	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2341
DDI RULE 2452	Wget Commandline Injection	Medium		2019/07/31	DDI RULE 2452	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2452
DDI RULE 4152	COBALTSTRIKE - HTTP (Response)	High		2019/07/24	DDI RULE 4152	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4152
DDI RULE 4154	CVE-2019-11580 Atlassian RCE Exploit - HTTP (Request)	High		2019/07/24	DDI RULE 4154	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4154
DDI RULE 4133	ASTAROTH JSON - HTTP (Response)	High		2019/07/24	DDI RULE 4133	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4133
DDI RULE 4163	Possible CVE-2019-12815 ProFTPD Remote Code Execution - FTP (Request)	Low		2019/07/24	DDI RULE 4163	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4163
DDI RULE 2678	CVE-2014-3120 - ElasticSearch Remote Code Execution Exploit - HTTP (Request)	High		2019/07/24	DDI RULE 2678	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2678
DDI RULE 4156	ECH0RAIX - Ransomware - HTTP (Request)	High		2019/07/22	DDI RULE 4156	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4156
DDI RULE 4157	NTOP RCE Exploit - HTTP (Request)	High		2019/07/22	DDI RULE 4157	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4157
DDI RULE 1122	Office Document File Internal Transfer	Low		2019/07/22	DDI RULE 1122	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1122
DDI RULE 1123	Office Document File Upload	Low		2019/07/22	DDI RULE 1123	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1123
DDI RULE 1119	HTTP Request - Hostname is an IP address	Low		2019/07/22	DDI RULE 1119	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1119
DDI RULE 4155	EICAR COBALTSTRIKE - HTTP (Response)	High		2019/07/18	DDI RULE 4155	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4155
DDI RULE 4153	COBALTSTRIKE - HTTP (Request) - Variant 2	High		2019/07/18	DDI RULE 4153	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4153
DDI RULE 4138	ICEDID - HTTP (Request) - Variant 2	High		2019/07/18	DDI RULE 4138	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4138
DDI RULE 4139	ICEDID - HTTP (Response)	High		2019/07/18	DDI RULE 4139	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4139
DDI RULE 4151	WANNALOCKER - Ransomware - HTTP (Request)	High		2019/07/17	DDI RULE 4151	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4151
DDI RULE 4149	Possible CVE-2019-1040 MS NTLM Tampering Exploit - SMB (Request)	Low		2019/07/16	DDI RULE 4149	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4149
DDI RULE 4132	SHELLBOT - IRC (Request)	High		2019/07/16	DDI RULE 4132	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4132
DDI RULE 4140	INFOSTEAL - HTTP (Request) - Variant 6	High		2019/07/15	DDI RULE 4140	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4140
DDI RULE 4136	ECH0RAIX - Ransomware - TCP (Request)	High		2019/07/12	DDI RULE 4136	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4136
DDI RULE 4121	Dogfood CRM spell.php Remote Command Execution - HTTP (Request)	High		2019/07/11	DDI RULE 4121	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4121
DDI RULE 4123	Redmine SCM Repository 0.9.x/1.0.x - Remote Command Execution - HTTP (Request)	High		2019/07/11	DDI RULE 4123	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4123
DDI RULE 4122	CTEK SkyRouter 4200/4300 - Command Execution - HTTP (Request)	High		2019/07/10	DDI RULE 4122	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4122
DDI RULE 4119	Awstats Remote Command Injection - HTTP (Request)	High		2019/07/10	DDI RULE 4119	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4119
DDI RULE 4120	CVE-2005-2847 Barracuda IMG.pl Remote Command Execution - HTTP (Request)	High		2019/07/10	DDI RULE 4120	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4120
DDI RULE 4105	POSSIBLE MALICIOUS CHROME EXTENSION - HTTP (Request)	Medium		2019/07/10	DDI RULE 4105	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4105
DDI RULE 2578	CVE-2017-17215 - Remote Code Execution - HTTP (Request)	High		2019/07/10	DDI RULE 2578	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2578
DDI RULE 4130	APT - NFLOG - HTTP (Request) - Variant 2	High		2019/07/09	DDI RULE 4130	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4130
DDI RULE 4131	NANOCORE - TCP (Request)	High		2019/07/09	DDI RULE 4131	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4131
DDI RULE 4118	CVE-2007-3010 Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 Command Injection - HTTP (Request)	High		2019/07/09	DDI RULE 4118	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4118
DDI RULE 4127	Suspicious PowerQuery - HTTP (Response)	Medium		2019/07/08	DDI RULE 4127	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4127
DDI RULE 4124	GetShell CKNIFE - HTTP (Request)	High		2019/07/08	DDI RULE 4124	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4124
DDI RULE 2846	SPELEVO - Exploit Kit -HTTP (Response)	High		2019/07/04	DDI RULE 2846	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2846
DDI RULE 4117	Spreecommerce 0.60.1 - Remote Command Execution - HTTP (Request)	High		2019/07/02	DDI RULE 4117	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4117
DDI RULE 4113	CVE-2019-12095 Horde Webmail Unauthenticated XSS Exploit - HTTP (Request)	High		2019/07/01	DDI RULE 4113	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4113
DDI RULE 4103	Daemon DD-WRT Unauthenticated RCE Exploit - HTTP (Request)	High		2019/06/26	DDI RULE 4103	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4103
DDI RULE 4104	Asmax RCE Exploit - HTTP (Request)	High		2019/06/26	DDI RULE 4104	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4104
DDI RULE 2943	CVE-2013-5758 Yealink VoIP Phone SIP-T38G RCE - HTTP (Request)	High		2019/06/26	DDI RULE 2943	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2943
DDI RULE 2903	Oracle Weblogic Remote Command Execution Exploit - HTTP (Request)	High		2019/06/25	DDI RULE 2903	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2903
DDI RULE 2871	possible Directory Traversal Exploit Attempted - URI Variable/URI Path - HTTP (Request)	High		2019/06/25	DDI RULE 2871	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2871
DDI RULE 1184	possible Directory Traversal Exploit Attempted - Messagebody - HTTP (Request)	Low		2019/06/25	DDI RULE 1184	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1184
DDI RULE 2172	NULL BYTES - HTTP (Request)	Low		2019/06/24	DDI RULE 2172	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2172
DDI RULE 2949	CVE-2013-5948 Asus device Remote code Execution Exploit- HTTP (Request)	High		2019/06/24	DDI RULE 2949	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2949
DDI RULE 4101	CVE-2019-10149 Exim Remote Code Execution Exploit - SMTP (Request) - Variant 2	High		2019/06/24	DDI RULE 4101	/vinfo/ph/threat-encyclopedia/network/ddi-rule-4101
DDI RULE 2811	CVE-2018-15887 Asus device Remote code Execution Exploit- HTTP (Request)	High		2019/06/24	DDI RULE 2811	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2811
DDI RULE 2786	ThinkPHP 5x Remote Code Execution - HTTP (Request)	High		2019/06/24	DDI RULE 2786	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2786
DDI RULE 2921	Possible Vulnerable Channel - RDP (Request) - Variant 2	Low		2019/06/12	DDI RULE 2921	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2921
DDI RULE 2922	CVE-2014-6287 Rejetto HttpFileServer RCE Exploit - HTTP (Request)	High		2019/06/11	DDI RULE 2922	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2922
DDI RULE 2898	Weblogic Unauthenticated RCE Exploit- HTTP (Request)	Medium		2019/06/11	DDI RULE 2898	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2898
DDI RULE 2933	HIDDENWASP - TCP Connection	High		2019/06/11	DDI RULE 2933	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2933
DDI RULE 2894	CVE-2019-0192 Apache SOLR RCE Exploit - HTTP (Request)	High		2019/06/10	DDI RULE 2894	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2894
DDI RULE 2895	CVE-2014-9727 Fritz RCE Exploit - HTTP (Request)	High		2019/06/10	DDI RULE 2895	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2895
DDI RULE 2896	Fritz RCE Exploit - HTTP (Request)	High		2019/06/10	DDI RULE 2896	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2896
DDI RULE 2874	ZEROSHELL RCE EXPLOIT - HTTP (Request)	High		2019/06/10	DDI RULE 2874	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2874
DDI RULE 2825	CVE-2010-1871 JBOSS Remote Code Execution - HTTP (Request)	High		2019/06/10	DDI RULE 2825	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2825
DDI RULE 2858	CVE-2019-1652 CISCO UNAUTHENTICATED RCE - HTTP (Request)	High		2019/06/10	DDI RULE 2858	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2858
DDI RULE 2638	CVE-2018-7602 - Remote Code Execution - HTTP (Request)	High		2019/06/06	DDI RULE 2638	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2638
DDI RULE 2884	CVE-2018-19127 PHPCMS2008 Code Injection - HTTP (Request)	High		2019/06/06	DDI RULE 2884	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2884
DDI RULE 2930	Possible RIG Exploit Kit - HTTP (Request)	Low		2019/06/06	DDI RULE 2930	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2930
DDI RULE 2931	HIDDENWASP - TCP (Request)	High		2019/06/06	DDI RULE 2931	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2931
DDI RULE 2932	HIDDENWASP - TCP (Response)	High		2019/06/06	DDI RULE 2932	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2932
DDI RULE 3	Suspicious executable file extension - Variant 2	High		2019/06/06	DDI RULE 3	/vinfo/ph/threat-encyclopedia/network/ddi-rule-3
DDI RULE 30	Email/Instant message containing malicious URL	High		2019/06/06	DDI RULE 30	/vinfo/ph/threat-encyclopedia/network/ddi-rule-30
DDI RULE 2348	CVE-2017-5638 - APACHE STRUTS EXPLOIT - HTTP (Request)	High		2019/06/06	DDI RULE 2348	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2348
DDI RULE 2927	Possible WEBSHELL Command - HTTP (Request)	Medium		2019/06/05	DDI RULE 2927	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2927
DDI RULE 2917	CVE-2019-3719 Dell Support Assist RCE - HTTP (Request)	High		2019/06/05	DDI RULE 2917	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2917
DDI RULE 2928	EANVER Webshell - HTTP (Request)	High		2019/06/04	DDI RULE 2928	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2928
DDI RULE 2924	Possible PHP Admin Bruteforce - HTTP (Request)	Low		2019/06/04	DDI RULE 2924	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2924
DDI RULE 2925	HAWKEYE - SMTP (Request)	High		2019/06/04	DDI RULE 2925	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2925
DDI RULE 2926	WePresent WiPG1000 Command Injection - HTTP (Request)	High		2019/06/04	DDI RULE 2926	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2926
DDI RULE 2132	NEUTRINO - Exploit Kit - HTTP (Request) - Variant 2	Low		2019/06/04	DDI RULE 2132	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2132
DDI RULE 2776	Possible XML External Entity Attack - HTTP (Response)	Medium		2019/06/03	DDI RULE 2776	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2776
DDI RULE 2923	BLASQUI Webshell - HTTP (Request)	High		2019/05/30	DDI RULE 2923	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2923
DDI RULE 2920	JNAP Information Disclosure Attempt - HTTP (Request)	Medium		2019/05/29	DDI RULE 2920	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2920
DDI RULE 2918	CVE-2018-7841 - SCHNEIDER ELECTRIC - HTTP (Request)	High		2019/05/23	DDI RULE 2918	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2918
DDI RULE 2913	Possible Vulnerable Channel - RDP (Request)	Low		2019/05/23	DDI RULE 2913	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2913
DDI RULE 2889	ANTSWORD - HTTP (Request)	High		2019/05/21	DDI RULE 2889	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2889
DDI RULE 2770	Possible XML Information Disclosure - HTTP (Response)	High		2019/05/21	DDI RULE 2770	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2770
DDI RULE 2885	Remote Code Execution - EXPLOIT - HTTP (Request) - Variant 6	High		2019/05/20	DDI RULE 2885	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2885
DDI RULE 2912	CVE-2019-0604 SharePoint Remote Code Execution Exploit - HTTP (Request)	Medium		2019/05/20	DDI RULE 2912	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2912
DDI RULE 2915	ASLIROR - HTTP (Request)	High		2019/05/20	DDI RULE 2915	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2915
DDI RULE 2916	FUNARECHBOT - TCP (Request)	High		2019/05/20	DDI RULE 2916	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2916
DDI RULE 2911	HYPERSHELL - WEBSHELL - HTTP (Request)	High		2019/05/15	DDI RULE 2911	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2911
DDI RULE 2877	CVE-2019-0232 Apache Tomcat RCE - HTTP (Request)	High		2019/05/15	DDI RULE 2877	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2877
DDI RULE 2908	CVE-2018-16509 GHOSTSCRIPT UNAUTHENTICATED - HTTP (Request)	High		2019/05/13	DDI RULE 2908	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2908
DDI RULE 2071	CERBER - Ransomware - UDP	High		2019/05/13	DDI RULE 2071	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2071
DDI RULE 2904	Possible IE Exploit - HTTP (Response) - Variant 5	High		2019/05/09	DDI RULE 2904	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2904
DDI RULE 2905	Possible IE Exploit - HTTP (Response) - Variant 6	High		2019/05/09	DDI RULE 2905	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2905
DDI RULE 2906	CVE-2017-8046 - SPRINGDATA - HTTP (Request)	High		2019/05/09	DDI RULE 2906	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2906
DDI RULE 2886	CVE-2018-1270 - SPRINGDATA - HTTP (Request)	High		2019/05/09	DDI RULE 2886	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2886
DDI RULE 2899	CVE-2018-1000861 - JENKINS - HTTP (Request)	High		2019/05/09	DDI RULE 2899	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2899
DDI RULE 2901	CVE-2014-0160 Malformed Heartbeat - SSL (Response) - Variant 2	Medium		2019/05/08	DDI RULE 2901	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2901
DDI RULE 2902	SAP Gateway Remote Code Execution Exploit - TCP	Medium		2019/05/08	DDI RULE 2902	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2902
DDI RULE 2900	Possible PNG Exploit - HTTP (Request)	Medium		2019/05/07	DDI RULE 2900	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2900
DDI RULE 1879	Possible COREBOT DNS Response	Medium		2019/05/07	DDI RULE 1879	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1879
DDI RULE 2880	CVE-2019-5418 - RUBY ON RAILS - FILE CONTENT DISCLOSURE - HTTP (Request)	High		2019/05/03	DDI RULE 2880	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2880
DDI RULE 2892	NAMECOIN - HTTP (Request)	High		2019/05/02	DDI RULE 2892	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2892
DDI RULE 2893	JEXBOSS - HTTP (Request)	High		2019/05/02	DDI RULE 2893	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2893
DDI RULE 2890	INFOSTEAL - HTTP (Request) - Variant 5	High		2019/04/30	DDI RULE 2890	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2890
DDI RULE 2891	EMPIRE - HTTP (Request) - Variant 3	High		2019/04/30	DDI RULE 2891	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2891
DDI RULE 2887	CVE-2019-3396 - ATLASSIAN CONFLUENCE - HTTP (Request)	High		2019/04/25	DDI RULE 2887	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2887
DDI RULE 2888	FASTJSON Deserialization Exploit - HTTP (Request)	High		2019/04/25	DDI RULE 2888	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2888
DDI RULE 29	Unregistered sender and recipient domains - Email	Low		2019/04/24	DDI RULE 29	/vinfo/ph/threat-encyclopedia/network/ddi-rule-29
DDI RULE 2883	Possible PUT Header Scanner - HTTP (Response)	Low		2019/04/24	DDI RULE 2883	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2883
DDI RULE 2881	HYDRA WEBSHELL - HTTP (Request)	High		2019/04/23	DDI RULE 2881	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2881
DDI RULE 2878	APT - POORWEB - HTTP (Request)	High		2019/04/23	DDI RULE 2878	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2878
DDI RULE 2879	IIS - SCANNER - HTTP (Request)	Medium		2019/04/22	DDI RULE 2879	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2879
DDI RULE 2342	IMEIJ - TCP	High		2019/04/18	DDI RULE 2342	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2342
DDI RULE 2875	CVE-2011-1966 DNS NAPTR QUERY EXPLOIT - DNS (Response)	High		2019/04/17	DDI RULE 2875	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2875
DDI RULE 2876	PCASTLE - HTTP (Response)	High		2019/04/17	DDI RULE 2876	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2876
DDI RULE 2600	CVE-2017-10271 - Oracle Weblogic Exploit - HTTP (Request)	High		2019/04/16	DDI RULE 2600	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2600
DDI RULE 2872	XWO - Backdoor - HTTP (Request)	High		2019/04/11	DDI RULE 2872	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2872
DDI RULE 2873	THINKPHP SQL INJECT Exploit - HTTP (Request)	High		2019/04/10	DDI RULE 2873	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2873
DDI RULE 2869	CANITMUP - HTTP (Request)	High		2019/04/10	DDI RULE 2869	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2869
DDI RULE 2870	IPCAMERA - EXPLOIT - RCE - HTTP (Request)	High		2019/04/09	DDI RULE 2870	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2870
DDI RULE 2867	BELKIN Router - HTTP (Request) - Variant 2	High		2019/04/09	DDI RULE 2867	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2867
DDI RULE 2868	ZTE Router - HTTP (Request) - Variant 2	High		2019/04/09	DDI RULE 2868	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2868
DDI RULE 1645	Possible Self-Signed SSL certificate detected	Medium		2019/04/09	DDI RULE 1645	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1645
DDI RULE 2526	NECURS - HTTP (Request) - Variant 2	High		2019/04/09	DDI RULE 2526	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2526
DDI RULE 2865	CVE-2018-17173 LG Supersign Remote Code Execution - HTTP (Request)	High		2019/04/08	DDI RULE 2865	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2865
DDI RULE 2866	MICASAVERDE VERALITE - Remote Code Execution - HTTP (Request)	High		2019/04/08	DDI RULE 2866	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2866
DDI RULE 2861	ShadowHammer - DNS (Response)	High		2019/04/04	DDI RULE 2861	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2861
DDI RULE 2816	PHP DIESCAN - HTTP (Request)	High		2019/04/04	DDI RULE 2816	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2816
DDI RULE 2568	COBALTSTRIKE - DNS (Response)	High		2019/04/04	DDI RULE 2568	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2568
DDI RULE 2569	TOXOCARA - DNS (Response)	High		2019/04/04	DDI RULE 2569	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2569
DDI RULE 1084	RED OCTOBER ATTACK DNS Response - Class 1	High		2019/04/04	DDI RULE 1084	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1084
DDI RULE 1009	PE_XPAJ DNS Response - Class 1	High		2019/04/04	DDI RULE 1009	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1009
DDI RULE 1845	RANSOM CRYPRAAS DNS Connection detected	High		2019/04/04	DDI RULE 1845	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1845
DDI RULE 1734	RANSOM CRYPCTB DNS Connection detected	High		2019/04/04	DDI RULE 1734	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1734
DDI RULE 1779	RANSOM CRILOCK DNS Connection	High		2019/04/04	DDI RULE 1779	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1779
DDI RULE 2000	Metasploit(Payload) - Reverse DLL Inject - TCP (Response)	High		2019/04/04	DDI RULE 2000	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2000
DDI RULE 2043	OSX KeRanger DNS Connection detected	High		2019/04/04	DDI RULE 2043	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2043
DDI RULE 2497	CCHACK - DNS (Response)	High		2019/04/04	DDI RULE 2497	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2497
DDI RULE 2863	PHP DASHBOARD SQLINJECT - HTTP (Request)	High		2019/04/03	DDI RULE 2863	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2863
DDI RULE 2864	CVE-2018-1149 NUUO NVRMini2 BufferOverflow - HTTP (Request)	High		2019/04/03	DDI RULE 2864	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2864
DDI RULE 2860	Belking Wemo UPnP RCE Exploit - HTTP (Request)	High		2019/04/02	DDI RULE 2860	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2860
DDI RULE 2862	MARSATORMIN - HTTP (Request)	High		2019/03/28	DDI RULE 2862	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2862
DDI RULE 2859	Possible SPELEVO - Exploit Kit -HTTP (Response)	High		2019/03/28	DDI RULE 2859	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2859
DDI RULE 2856	DLINK Command Injection Exploit - HTTP (Request) - Variant 3	High		2019/03/28	DDI RULE 2856	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2856
DDI RULE 2853	NETGEAR DGN2200v1/v2/v3/v4 - CVE-2017-6334 - Remote Code Execution - HTTP (Request)	Low		2019/03/27	DDI RULE 2853	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2853
DDI RULE 2854	LINKSYS_WRT110 - CVE-2013-3568 - Remote Code Execution - HTTP (Request)	Low		2019/03/27	DDI RULE 2854	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2854
DDI RULE 2840	NETCOMMWIRELESS - CVE-2015-6023 - CVE-2015-6024 - Remote Code Execution - HTTP (Request)	Low		2019/03/27	DDI RULE 2840	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2840
DDI RULE 2839	ZTE F460 F660 - Remote Code Execution - HTTP (Request)	High		2019/03/26	DDI RULE 2839	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2839
DDI RULE 2855	Netgear Prosafe RCE Exploit - HTTP (Request)	High		2019/03/26	DDI RULE 2855	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2855
DDI RULE 2857	DLINK 930L RCE EXPLOIT - HTTP (Request)	High		2019/03/26	DDI RULE 2857	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2857
DDI RULE 2828	Zyxel - Remote Code Execution - HTTP (Request)	High		2019/03/26	DDI RULE 2828	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2828
DDI RULE 2829	Zyxel - Command Injection - HTTP (Request)	High		2019/03/20	DDI RULE 2829	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2829
DDI RULE 2830	Billion-5200W-T - Command Injection - HTTP (Request)	High		2019/03/20	DDI RULE 2830	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2830
DDI RULE 2831	Billion 5200W-T - Remote Code Execution - HTTP (Request) - Variant 2	High		2019/03/20	DDI RULE 2831	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2831
DDI RULE 2852	DOC File downloaded in root directory - HTTP (Response)	High		2019/03/20	DDI RULE 2852	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2852
DDI RULE 2841	3COM - Remote Code Execution - HTTP (Request)	High		2019/03/20	DDI RULE 2841	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2841
DDI RULE 1631	Remote Schedule Tasks through SMB protocol detected - Create Command	Low		2019/03/20	DDI RULE 1631	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1631
DDI RULE 1632	Remote Schedule Tasks through SMB protocol detected - Run Command	Low		2019/03/20	DDI RULE 1632	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1632
DDI RULE 1633	Remote Schedule Tasks through SMB protocol detected - Delete Command	Low		2019/03/20	DDI RULE 1633	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1633
DDI RULE 1763	STRPADT - HTTP (Request)	High		2019/03/19	DDI RULE 1763	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1763
DDI RULE 2849	CVE-2019-9194-HTTP RCE - ELFINDER (Request)	High		2019/03/19	DDI RULE 2849	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2849
DDI RULE 2850	CHWRITER - HTTP (Request)	High		2019/03/19	DDI RULE 2850	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2850
DDI RULE 2851	MAKO WEB SERVER - Command Injection - HTTP (Request)	High		2019/03/19	DDI RULE 2851	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2851
DDI RULE 2710	FLAWEDAMMYY - TCP (Request)	High		2019/03/18	DDI RULE 2710	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2710
DDI RULE 2400	Remote Enumerate Registry through SMB protocol detected	Low		2019/03/18	DDI RULE 2400	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2400
DDI RULE 2401	Remote Read Registry through SMB protocol detected	Low		2019/03/18	DDI RULE 2401	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2401
DDI RULE 2415	Remote Delete Registry through SMB protocol detected	Low		2019/03/18	DDI RULE 2415	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2415
DDI RULE 2068	DRIDEX - SSL (Request)	High		2019/03/13	DDI RULE 2068	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2068
DDI RULE 2848	INFOSTEAL - HTTP (Request) - Variant 4	High		2019/03/13	DDI RULE 2848	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2848
DDI RULE 2834	CVE-2019-8942 WordPress Image Remote Code Execution Exploit - HTTP (Request)	High		2019/03/12	DDI RULE 2834	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2834
DDI RULE 2780	TRICKBOT - HTTP (Request)	High		2019/03/12	DDI RULE 2780	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2780
DDI RULE 2847	INFOSTEAL - FTP (Request)	High		2019/03/11	DDI RULE 2847	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2847
DDI RULE 2844	RIG - Exploit Kit - HTTP (Request) - Variant 2	High		2019/03/11	DDI RULE 2844	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2844
DDI RULE 2408	Remote Enumerate Job through SMB protocol detected	Low		2019/03/11	DDI RULE 2408	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2408
DDI RULE 2352	CVE-2017-5638 - APACHE STRUTS EXPLOIT - HTTP (Request) - Variant 2	High		2019/03/11	DDI RULE 2352	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2352
DDI RULE 1535	ZACOM - HTTP (Request)	High		2019/03/11	DDI RULE 1535	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1535
DDI RULE 1195	Remote Add Job through SMB Protocol Detected	Low		2019/03/11	DDI RULE 1195	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1195
DDI RULE 1196	Remote Delete Job through SMB Detected	Medium		2019/03/11	DDI RULE 1196	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1196
DDI RULE 12	Archive file containing file with double extension	Medium		2019/03/11	DDI RULE 12	/vinfo/ph/threat-encyclopedia/network/ddi-rule-12
DDI RULE 2845	Possible PDF in Chrome Information Disclosure - HTTP (Request)	Medium		2019/03/07	DDI RULE 2845	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2845
DDI RULE 2826	JBOSS Webshell - HTTP (Request)	High		2019/03/06	DDI RULE 2826	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2826
DDI RULE 2819	FASTGATE - Command Injection - HTTP (Request)	High		2019/03/06	DDI RULE 2819	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2819
DDI RULE 2814	JOOMLA - HTTP (Request)	High		2019/03/05	DDI RULE 2814	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2814
DDI RULE 2791	EMPIRE - HTTP (Request) - Variant 2	Medium		2019/03/05	DDI RULE 2791	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2791
DDI RULE 2836	CVE-2017-0171 - Denial of Service - DNS (Response)	Medium		2019/03/05	DDI RULE 2836	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2836
DDI RULE 2837	CVE-2012-0874 JBOSS JMXInvoker/EJBinvoker Remote Code Execution Exploit - HTTP (Request)	Medium		2019/03/05	DDI RULE 2837	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2837
DDI RULE 2842	CVE-2014-9118 ZHONE RCE EXPLOIT - HTTP (Request)	High		2019/03/05	DDI RULE 2842	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2842
DDI RULE 2843	ZHONE XSS Exploit - HTTP (Request)	High		2019/03/05	DDI RULE 2843	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2843
DDI RULE 2838	SPEAKUP - HTTP (Request)	High		2019/03/04	DDI RULE 2838	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2838
DDI RULE 2835	CVE-2016-3088 ACTIVEMQ - HTTP (Request)	High		2019/03/04	DDI RULE 2835	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2835
DDI RULE 2806	CVE-2016-1555 - Netgear Devices - Unauthenticated Remote Code Execution - HTTP (Request)	High		2019/03/04	DDI RULE 2806	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2806
DDI RULE 2820	Hootoo HT5 Remote code Execution - HTTP (Request)	High		2019/03/04	DDI RULE 2820	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2820
DDI RULE 2833	CVE-2019-6340 Drupal 8 RESTful Web Services Remote Code Execution - HTTP (Request)	High		2019/03/04	DDI RULE 2833	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2833
DDI RULE 2823	CKNIFE - HTTP (Request) - Variant 2	High		2019/02/21	DDI RULE 2823	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2823
DDI RULE 2824	CVE-2015-2280 AirLink OS Command Injection - HTTP (Request)	High		2019/02/21	DDI RULE 2824	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2824
DDI RULE 2822	RATBLAMIK - TCP (Request)	High		2019/02/20	DDI RULE 2822	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2822
DDI RULE 2821	NEUTRINO - HTTP (Response)	Medium		2019/02/19	DDI RULE 2821	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2821
DDI RULE 2385	SOAP RCE EXPLOIT - HTTP (Request)	High		2019/02/14	DDI RULE 2385	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2385
DDI RULE 2224	Covert Iodine tunnel - DNS (Request)	Low		2019/02/12	DDI RULE 2224	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2224
DDI RULE 2795	Unauthorized Write Request - DNP3 (Request)	Low		2019/02/11	DDI RULE 2795	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2795
DDI RULE 2796	Unauthorized Broadcast Request - DNP3 (Request)	Low		2019/02/11	DDI RULE 2796	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2796
DDI RULE 2797	Possible Denial of Service - DNP3 (Request)	Low		2019/02/11	DDI RULE 2797	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2797
DDI RULE 2798	Unauthorized Read Request - DNP3 (Request)	Low		2019/02/11	DDI RULE 2798	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2798
DDI RULE 2799	Possible Scan of Points List - DNP3 (Response) Beta	Low		2019/02/11	DDI RULE 2799	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2799
DDI RULE 28	Unregistered service running on non-standard port	Low		2019/02/11	DDI RULE 28	/vinfo/ph/threat-encyclopedia/network/ddi-rule-28
DDI RULE 2800	Possible Scan of Outstation - DNP3 (Response) Beta	Low		2019/02/11	DDI RULE 2800	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2800
DDI RULE 2801	Multiple Unsolicited Response - DNP3 (Response) Beta	Low		2019/02/11	DDI RULE 2801	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2801
DDI RULE 2807	TEAMFOSTEALER - HTTP (Request)	High		2019/02/07	DDI RULE 2807	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2807
DDI RULE 2812	CVE-2018-8581 MS Exchange Server NTLM Authentication Bypass HTTP - (Request)	Medium		2019/02/07	DDI RULE 2812	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2812
DDI RULE 2813	CVE-2018-8581 MS Exchange Server NTLM Authentication Bypass HTTP - (Response)	High		2019/02/07	DDI RULE 2813	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2813
DDI RULE 2810	CVE-2019-6703 WordPress Total Donations Unauthentication Exploit - HTTP (Request)	Medium		2019/02/07	DDI RULE 2810	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2810
DDI RULE 2209	NEUTRINO - Exploit Kit - HTTP (Request) - Variant 5	Medium		2019/02/06	DDI RULE 2209	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2209
DDI RULE 1562	DARKHOLE - HTTP (Request) - Variant 2	High		2019/02/06	DDI RULE 1562	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1562
DDI RULE 2817	KEYPATH Command Injection - HTTP (Request)	High		2019/02/05	DDI RULE 2817	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2817
DDI RULE 2818	SERVHELPER - HTTP (Request)	High		2019/02/05	DDI RULE 2818	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2818
DDI RULE 2815	SIEREN - TCP(Request)	High		2019/01/31	DDI RULE 2815	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2815
DDI RULE 2306	KVNDM - HTTP (Request)	High		2019/01/30	DDI RULE 2306	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2306
DDI RULE 2808	FALLOUT - Exploit Kit - HTTP (Response) - Variant 3	Medium		2019/01/29	DDI RULE 2808	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2808
DDI RULE 2802	Oracle Weblogic Exploit - HTTP (Request)	High		2019/01/23	DDI RULE 2802	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2802
DDI RULE 2803	Link-Net LW-N605R Remote Code Execution Exploit - HTTP (Request)	High		2019/01/23	DDI RULE 2803	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2803
DDI RULE 2804	Possible Router Exploit Kit - HTTP (Response)	High		2019/01/23	DDI RULE 2804	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2804
DDI RULE 2805	CVE-2019-0547 Client Remote Code Execution Exploit - DHCP (Response)	Medium		2019/01/23	DDI RULE 2805	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2805
DDI RULE 1871	DRIDEX - HTTP (Request) - Variant 3	High		2019/01/23	DDI RULE 1871	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1871
DDI RULE 2143	SQLINJECT - HTTP (Request)	Low		2019/01/22	DDI RULE 2143	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2143
DDI RULE 2793	APT - WINNTI - HTTP (Response)	High		2019/01/21	DDI RULE 2793	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2793
DDI RULE 2794	RIG - Exploit Kit - HTTP (Request) - Variant 7	High		2019/01/17	DDI RULE 2794	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2794
DDI RULE 2520	MAGNITUDE - Exploit Kit - HTTP (Request) - Variant 4	High		2019/01/17	DDI RULE 2520	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2520
DDI RULE 1549	APT - WINNTI - HTTP (Request)	High		2019/01/14	DDI RULE 1549	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1549
DDI RULE 2792	APT - KONNI - HTTP (Request)	High		2019/01/09	DDI RULE 2792	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2792
DDI RULE 2144	NEUTRINO - Exploit Kit - HTTP (Request) - Variant 3	Medium		2019/01/03	DDI RULE 2144	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2144
DDI RULE 2789	CVE-2018-8653 MSIE Remote Code Execution - HTTP (Response)	Medium		2018/12/27	DDI RULE 2789	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2789
DDI RULE 2790	APT - WILDPOSITRON - HTTP (Request)	High		2018/12/26	DDI RULE 2790	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2790
DDI RULE 1229	ALINA HTTP request - Variant 1	High		2018/12/26	DDI RULE 1229	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1229
DDI RULE 2787	CRISISHT - HTTP (Request)	Medium		2018/12/20	DDI RULE 2787	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2787
DDI RULE 2788	CVE-2018-8476 Windows Deployment Services Remote Code Execution Exploit - TFTP (Request)	Medium		2018/12/20	DDI RULE 2788	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2788
DDI RULE 2784	Ncrack/Hydra Brute Force Tool - RDP(Request)	High		2018/12/19	DDI RULE 2784	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2784
DDI RULE 2785	L0RDIX - HTTP (Request)	Medium		2018/12/18	DDI RULE 2785	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2785
DDI RULE 2397	STONEDRILL - HTTP (Request) - Variant 2	High		2018/12/18	DDI RULE 2397	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2397
DDI RULE 2779	DNSpoinage DNS - (Response)	High		2018/12/12	DDI RULE 2779	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2779
DDI RULE 2782	TILDEB - TCP (Request)	Medium		2018/12/11	DDI RULE 2782	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2782
DDI RULE 2081	CRYPTEAR - Ransomware - HTTP (Request)	High		2018/12/11	DDI RULE 2081	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2081
DDI RULE 2418	Suspicious file rename - SMB (Request)	High		2018/12/04	DDI RULE 2418	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2418
DDI RULE 2420	Shodan Internet Scan - Malware Hunter C&C Server Scan	Low		2018/12/04	DDI RULE 2420	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2420
DDI RULE 2421	Shodan Internet Scan - Possible Exposed Device/Service	Low		2018/12/04	DDI RULE 2421	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2421
DDI RULE 2442	Possible PsExec PETYA - Ransomware - SMB	Medium		2018/12/04	DDI RULE 2442	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2442
DDI RULE 1214	BAYROB - HTTP (Request)	Medium		2018/11/28	DDI RULE 1214	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1214
DDI RULE 2731	KAIXIN - Exploit Kit - HTTP (Response) - Variant 5	High		2018/11/22	DDI RULE 2731	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2731
DDI RULE 2777	Apache Struts File Upload - HTTP (Request)	High		2018/11/21	DDI RULE 2777	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2777
DDI RULE 2778	ZTE ZXV10 Remote Code Execution Exploit - HTTP (Request)	High		2018/11/21	DDI RULE 2778	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2778
DDI RULE 2775	DOCKER API - HTTP (Request)	High		2018/11/21	DDI RULE 2775	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2775
DDI RULE 2621	Remote Code Execution - HTTP (Request)	High		2018/11/21	DDI RULE 2621	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2621
DDI RULE 2771	APT - POISONIVY - HTTP (Request)	High		2018/11/20	DDI RULE 2771	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2771
DDI RULE 2772	APT - GHOST - TCP (Request)	High		2018/11/20	DDI RULE 2772	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2772
DDI RULE 2774	APT - POWLOADR - HTTP (Request)	High		2018/11/20	DDI RULE 2774	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2774
DDI RULE 2713	AVTECH Command Injection Exploit - HTTP (Request)	High		2018/11/20	DDI RULE 2713	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2713
DDI RULE 2474	APT - PLEAD - TCP (Request)	High		2018/11/20	DDI RULE 2474	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2474
DDI RULE 2494	APT - ANEL - HTTP (Request)	High		2018/11/20	DDI RULE 2494	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2494
DDI RULE 2716	BINBASH Download - HTTP (Response)	High		2018/11/12	DDI RULE 2716	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2716
DDI RULE 2765	GZ Inflate in PHP File - HTTP (Response)	Low		2018/11/12	DDI RULE 2765	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2765
DDI RULE 2766	Possible WINBOX Remote Code Execution - TCP	Medium		2018/11/12	DDI RULE 2766	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2766
DDI RULE 2767	Window Shell Remote Code Execution - HTTP (Response)	High		2018/11/12	DDI RULE 2767	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2767
DDI RULE 2768	DLINK Router Dns Changer Exploit - HTTP (Request)	High		2018/11/12	DDI RULE 2768	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2768
DDI RULE 277	AUTORUN - HTTP (Response) - Variant 2	High		2018/11/12	DDI RULE 277	/vinfo/ph/threat-encyclopedia/network/ddi-rule-277
DDI RULE 2764	Possible CVE-2018-8413 Windows Theme API RCE Download - HTTP (Response)	Medium		2018/11/08	DDI RULE 2764	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2764
DDI RULE 2763	Possible CVE-2018-15454 - Cisco ASA and FTD Software DOS - UDP (Response)	Low		2018/11/07	DDI RULE 2763	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2763
DDI RULE 2762	CVE-2018-9206 - JQuery Arbitrary File Upload Exploit Attempt - HTTP (Request)	High		2018/11/06	DDI RULE 2762	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2762
DDI RULE 2756	Possible ADWIND - Malicious Certificate - HTTPS (Response)	Low		2018/11/06	DDI RULE 2756	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2756
DDI RULE 2007	URSNIF - HTTP (Request) - Variant 3	High		2018/11/06	DDI RULE 2007	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2007
DDI RULE 2759	UNDERMINER - Exploit Kit - HTTP (Request) - Variant 2	High		2018/10/30	DDI RULE 2759	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2759
DDI RULE 2760	DRIDEX - Malicious certificate - SSL - Variant 2	High		2018/10/30	DDI RULE 2760	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2760
DDI RULE 2761	URSNIF - HTTP (Request) - Variant 6	High		2018/10/30	DDI RULE 2761	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2761
DDI RULE 2632	GRAVITYRAT - HTTP (Request)	High		2018/10/29	DDI RULE 2632	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2632
DDI RULE 1170	ANDROMEDA - HTTP (Request)	High		2018/10/25	DDI RULE 1170	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1170
DDI RULE 2757	ELF File requested from root directory - HTTP (Response)	High		2018/10/22	DDI RULE 2757	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2757
DDI RULE 2758	GZ File requested from root directory - HTTP (Request)	High		2018/10/22	DDI RULE 2758	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2758
DDI RULE 2724	CVE-2018-8373 VBScript Use-After-Free Exploit - HTTP (Response)	Medium		2018/10/08	DDI RULE 2724	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2724
DDI RULE 2726	CVE-2018-11776 - APACHE STRUTS RCE EXPLOIT - HTTP (Request)	High		2018/10/04	DDI RULE 2726	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2726
DDI RULE 2754	EnGenius EnShare Remote Code Execution Exploit - HTTP (Request)	High		2018/10/03	DDI RULE 2754	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2754
DDI RULE 2755	CVE-2017-6884 Zyxel OS Command Injection Exploit - HTTP (Request)	Medium		2018/10/03	DDI RULE 2755	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2755
DDI RULE 2692	LINKSYS Unauthenticated Remote Code Execution Exploit - HTTP (Request)	High		2018/10/03	DDI RULE 2692	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2692
DDI RULE 2544	JAWS Remote Code Execution Exploit - HTTP (Request)	High		2018/10/03	DDI RULE 2544	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2544
DDI RULE 2723	MAGNITUDE - Exploit Kit - HTTP (Response)	High		2018/10/02	DDI RULE 2723	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2723
DDI RULE 2753	FALLOUT - Exploit Kit - HTTP (Request)	Medium		2018/10/01	DDI RULE 2753	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2753
DDI RULE 2623	Remote Code Execution - HTTP (Request) - Variant 2	High		2018/10/01	DDI RULE 2623	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2623
DDI RULE 2736	ANTAK Webshell - HTTP (Request)	Medium		2018/09/27	DDI RULE 2736	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2736
DDI RULE 2749	Possible IE Exploit - HTTP (Response) - Variant 4	Low		2018/09/27	DDI RULE 2749	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2749
DDI RULE 2750	CVE-2018-8007 Apache CouchDB Remote Code Execution Exploit - HTTP (Request)	High		2018/09/27	DDI RULE 2750	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2750
DDI RULE 2751	Remote Command Shell - TCP	High		2018/09/27	DDI RULE 2751	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2751
DDI RULE 2752	Remote PowerShell - TCP	High		2018/09/27	DDI RULE 2752	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2752
DDI RULE 2734	TUNNA Webshell - HTTP (Request)	Low		2018/09/24	DDI RULE 2734	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2734
DDI RULE 2735	TUNNA Webshell - HTTP (Request) - Variant 2	Medium		2018/09/24	DDI RULE 2735	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2735
DDI RULE 2728	NUUO Command Injection - HTTP (Request)	High		2018/09/17	DDI RULE 2728	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2728
DDI RULE 2746	BLUEBANANA - TCP (Request)	High		2018/09/13	DDI RULE 2746	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2746
DDI RULE 2747	IE Exploit - HTTP (Response)	High		2018/09/13	DDI RULE 2747	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2747
DDI RULE 2748	Possible IE Exploit - HTTP (Response) - Variant 3	Low		2018/09/13	DDI RULE 2748	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2748
DDI RULE 2745	CVE-2018-9866 SonicWall XML RPC Remote Code Execution Exploit - HTTP (Request)	High		2018/09/12	DDI RULE 2745	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2745
DDI RULE 2732	CVE-2009-3103 - Remote Code Execution - SMB2	High		2018/09/04	DDI RULE 2732	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2732
DDI RULE 2167	ALFA - Ransomware - HTTP (Request)	High		2018/09/04	DDI RULE 2167	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2167
DDI RULE 2714	KAIXIN - Exploit Kit - HTTP (Request) - Variant 2	High		2018/09/03	DDI RULE 2714	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2714
DDI RULE 2730	OMRON FINS TCP Read Controller Attempt NSE - TCP (Request)	Low		2018/08/30	DDI RULE 2730	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2730
DDI RULE 475	PALEVO - UDP - Variant 2	Medium		2018/08/30	DDI RULE 475	/vinfo/ph/threat-encyclopedia/network/ddi-rule-475
DDI RULE 48	Query of a non-trusted domain mail exchanger using the host's DNS A record	Low		2018/08/30	DDI RULE 48	/vinfo/ph/threat-encyclopedia/network/ddi-rule-48
DDI RULE 49	Session using standard port - IRC	Low		2018/08/30	DDI RULE 49	/vinfo/ph/threat-encyclopedia/network/ddi-rule-49
DDI RULE 5	Executable file name with multiple consecutive spaces	High		2018/08/30	DDI RULE 5	/vinfo/ph/threat-encyclopedia/network/ddi-rule-5
DDI RULE 50	Host DNS MX record query of a trusted domain	Low		2018/08/30	DDI RULE 50	/vinfo/ph/threat-encyclopedia/network/ddi-rule-50
DDI RULE 51	Malware-related subject and executable file - Email	Low		2018/08/30	DDI RULE 51	/vinfo/ph/threat-encyclopedia/network/ddi-rule-51
DDI RULE 52	Unregistered mail server - Email	Low		2018/08/30	DDI RULE 52	/vinfo/ph/threat-encyclopedia/network/ddi-rule-52
DDI RULE 54	Archive file containing packed executable file - Email	High		2018/08/30	DDI RULE 54	/vinfo/ph/threat-encyclopedia/network/ddi-rule-54
DDI RULE 542	SYKIPOT - Server certificate - SSL	High		2018/08/30	DDI RULE 542	/vinfo/ph/threat-encyclopedia/network/ddi-rule-542
DDI RULE 55	File name with multiple consecutive spaces and executable extension	High		2018/08/30	DDI RULE 55	/vinfo/ph/threat-encyclopedia/network/ddi-rule-55
DDI RULE 2729	Possible IE Exploit - HTTP (Response) - Variant 2	Low		2018/08/29	DDI RULE 2729	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2729
DDI RULE 2005	Possible EDELLROOT certificate detected	High		2018/08/29	DDI RULE 2005	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2005
DDI RULE 2011	UPATRE - HTTP (Request) - Variant 3	High		2018/08/29	DDI RULE 2011	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2011
DDI RULE 1128	BANLOAD - HTTP (Request)	High		2018/08/29	DDI RULE 1128	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1128
DDI RULE 1155	BITCOIN - HTTP (Request)	High		2018/08/29	DDI RULE 1155	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1155
DDI RULE 1663	CRAZYK - HTTP (Request)	High		2018/08/29	DDI RULE 1663	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1663
DDI RULE 2416	DETOXCRYPTO - Ransomware - HTTP (Request)	High		2018/08/29	DDI RULE 2416	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2416
DDI RULE 2413	TRICKBOT - HTTP (Request)	High		2018/08/29	DDI RULE 2413	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2413
DDI RULE 2725	Reverse Meterpreter - HTTP (Response)	High		2018/08/22	DDI RULE 2725	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2725
DDI RULE 2711	UNDERMINER - Exploit Kit - HTTP (Response)	High		2018/08/22	DDI RULE 2711	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2711
DDI RULE 2698	APT - WATERHOLE - HTTP (Request) - Variant 2	High		2018/08/22	DDI RULE 2698	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2698
DDI RULE 2672	CKNIFE - HTTP (Request)	High		2018/08/22	DDI RULE 2672	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2672
DDI RULE 2676	PHP Webshell - HTTP (Request) - Variant 2	High		2018/08/20	DDI RULE 2676	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2676
DDI RULE 27	Host DNS Mx record query of a non-trusted domain	Low		2018/08/20	DDI RULE 27	/vinfo/ph/threat-encyclopedia/network/ddi-rule-27
DDI RULE 2690	JSPSPY Webshell - HTTP (Request)	High		2018/08/20	DDI RULE 2690	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2690
DDI RULE 2719	WebScript Injection - HTTP (Request)	Medium		2018/08/13	DDI RULE 2719	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2719
DDI RULE 2720	CVE-2018-2894 Weblogic Arbitrary File Upload Exploit - HTTP (Request)	Medium		2018/08/13	DDI RULE 2720	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2720
DDI RULE 1552	APT - HAVEX - HTTP (Request)	High		2018/08/13	DDI RULE 1552	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1552
DDI RULE 1577	APT - PLUGX - HTTP (Request) - Variant 6	High		2018/08/13	DDI RULE 1577	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1577
DDI RULE 1583	APT - HCOREPWSTL - HTTP (Request)	High		2018/08/13	DDI RULE 1583	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1583
DDI RULE 1347	APT - Possible SIMBOT - HTTP (Request) - Variant 3	Medium		2018/08/13	DDI RULE 1347	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1347
DDI RULE 1415	APT - Possible POISONIVY - TCP (Request)	Medium		2018/08/13	DDI RULE 1415	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1415
DDI RULE 1460	A privileged user account attempted to log on to the Remote Desktop server during non-working hours	High		2018/08/13	DDI RULE 1460	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1460
DDI RULE 272	AUTORUN - HTTP (Request) - Variant 6	High		2018/08/09	DDI RULE 272	/vinfo/ph/threat-encyclopedia/network/ddi-rule-272
DDI RULE 2717	KAIXIN - Exploit Kit - HTTP (Request) - Variant 3	High		2018/08/09	DDI RULE 2717	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2717
DDI RULE 2718	S7 Enumerate Redpoint NSE Request CPU Function Read SZL - TCP (Request)	Low		2018/08/09	DDI RULE 2718	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2718
DDI RULE 2715	MINER CONFIG - HTTP (Response)	High		2018/08/07	DDI RULE 2715	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2715
DDI RULE 2384	Possible EQUATED - Remote Code Execution - SMB (Request)	Low		2018/08/07	DDI RULE 2384	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2384
DDI RULE 2390	EQUATED - SMB (Response)	High		2018/08/07	DDI RULE 2390	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2390
DDI RULE 2429	EQUATED - Exploit Attempt - SMB (Response)	High		2018/08/07	DDI RULE 2429	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2429
DDI RULE 1087	APT - FASWIK - TCP (Request)	High		2018/08/06	DDI RULE 1087	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1087
DDI RULE 1069	APT - Possible GHOSTRAT - TCP	Medium		2018/08/06	DDI RULE 1069	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1069
DDI RULE 1076	file dropped on a network administrative share	Low		2018/08/06	DDI RULE 1076	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1076
DDI RULE 1257	APT - CRIDEX - HTTP (Request) - Variant 3	High		2018/08/06	DDI RULE 1257	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1257
DDI RULE 1300	APT - FARFLI - HTTP (Request)	High		2018/08/06	DDI RULE 1300	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1300
DDI RULE 1306	SMB or SMB2 PE file Upload to non-administrative share folder detected	Medium		2018/08/06	DDI RULE 1306	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1306
DDI RULE 1307	SMB or SMB2 PE file Upload detected	Medium		2018/08/06	DDI RULE 1307	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1307
DDI RULE 1303	APT - Possible BLYPT - HTTP (Request)	Medium		2018/08/06	DDI RULE 1303	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1303
DDI RULE 1310	SMB CreateService request detected	Low		2018/08/06	DDI RULE 1310	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1310
DDI RULE 1311	SMB DeleteService request detected	Low		2018/08/06	DDI RULE 1311	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1311
DDI RULE 1318	File Download From known CNC Server detected	Medium		2018/08/06	DDI RULE 1318	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1318
DDI RULE 2709	CVE-2018-8278 MS Edge Spoofing Exploit - HTTP (Response)	High		2018/07/30	DDI RULE 2709	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2709
DDI RULE 2704	Web Security Testing Tool - HTTP (Request) - Variant 2	High		2018/07/26	DDI RULE 2704	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2704
DDI RULE 2705	Android Debug Bridge Remote Code Execution - TCP (Request)	High		2018/07/26	DDI RULE 2705	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2705
DDI RULE 2706	OSTAP - HTTP (Request)	High		2018/07/26	DDI RULE 2706	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2706
DDI RULE 2707	DLINK Command Injection Exploit - HTTP (Request) - Variant 2	High		2018/07/26	DDI RULE 2707	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2707
DDI RULE 2708	SENDOOREOF - UDP (Request)	High		2018/07/26	DDI RULE 2708	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2708
DDI RULE 2629	Possible WEBLOGIC T3 RCE Exploit - TCP (Request)	Medium		2018/07/26	DDI RULE 2629	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2629
DDI RULE 2626	CVE-2018-7600 - Drupal Remote Code Execution - HTTP (Request)	High		2018/07/25	DDI RULE 2626	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2626
DDI RULE 2702	Host Discovery - UDP (Request)	Low		2018/07/24	DDI RULE 2702	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2702
DDI RULE 1242	APT - XTREME - HTTP (Request)	High		2018/07/24	DDI RULE 1242	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1242
DDI RULE 1245	APT - TROJAN TCP Request	High		2018/07/24	DDI RULE 1245	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1245
DDI RULE 1174	APT - MALEX - HTTP (Request)	High		2018/07/24	DDI RULE 1174	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1174
DDI RULE 1021	APT - Possible POISONIVY - TCP (Response) - Variant 2	Medium		2018/07/24	DDI RULE 1021	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1021
DDI RULE 2701	Possible EMOTET - HTTP (Response) - Variant 3	High		2018/07/18	DDI RULE 2701	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2701
DDI RULE 2666	CVE-2017-7529 NGINX Integer Overflow Exploit Attempt HTTP (Request)	Medium		2018/07/18	DDI RULE 2666	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2666
DDI RULE 2700	Possible WEBSHELL - HTTP (Request)	High		2018/07/17	DDI RULE 2700	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2700
DDI RULE 2699	CVE-2016-10134 - Zabbix SQL Injection - HTTP (Request)	Medium		2018/07/17	DDI RULE 2699	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2699
DDI RULE 2584	POSGERAT Data Exfiltration - DNS (Response)	Low		2018/07/17	DDI RULE 2584	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2584
DDI RULE 1885	Possible Data Exfiltration - DNS (Response)	Low		2018/07/17	DDI RULE 1885	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1885
DDI RULE 1618	CVE-2014-6271 - Shellshock HTTP Request	High		2018/07/16	DDI RULE 1618	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1618
DDI RULE 1078	Possible TOR node certificate detected	Medium		2018/07/11	DDI RULE 1078	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1078
DDI RULE 108	Data-stealing malware	Low		2018/07/11	DDI RULE 108	/vinfo/ph/threat-encyclopedia/network/ddi-rule-108
DDI RULE 2694	CVE-2018-12613 PHPMyAdmin Remote Code Execution Exploit - HTTP (Request)	High		2018/07/11	DDI RULE 2694	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2694
DDI RULE 2695	CVE-2018-3606 TMCM SQL Injection Exploit - HTTP (Request)	High		2018/07/11	DDI RULE 2695	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2695
DDI RULE 2696	CVE-2018-0296 CISCO ASA Path Traversal Exploit - HTTP (Request)	High		2018/07/11	DDI RULE 2696	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2696
DDI RULE 2697	NUKESPED - TCP (Response) - Variant 2	Medium		2018/07/11	DDI RULE 2697	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2697
DDI RULE 2693	CVE-2015-5254 - ActiveMQ Deserialization Vulnerability	High		2018/07/10	DDI RULE 2693	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2693
DDI RULE 2689	CVE-2016-4438 - Remote Code Execution - HTTP (Request) - Variant 2	High		2018/07/03	DDI RULE 2689	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2689
DDI RULE 1886	Data Exfiltration - DNS (Response)	Low		2018/07/03	DDI RULE 1886	/vinfo/ph/threat-encyclopedia/network/ddi-rule-1886
DDI RULE 2349	Possible MIRAI - TCP (Request)	High		2018/07/03	DDI RULE 2349	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2349
DDI RULE 2529	APT - TURLA - HTTP (Request)	High		2018/06/28	DDI RULE 2529	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2529
DDI RULE 253	RUSTOCK - HTTP (Request) - Variant 2	High		2018/06/28	DDI RULE 253	/vinfo/ph/threat-encyclopedia/network/ddi-rule-253
DDI RULE 2507	Unauthorized TESTFR IEC-104 Request	High		2018/06/28	DDI RULE 2507	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2507
DDI RULE 2508	Unauthorized STARTDT IEC-104 Request	High		2018/06/28	DDI RULE 2508	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2508
DDI RULE 2509	Unauthorized STOPDT IEC-104 Request	High		2018/06/28	DDI RULE 2509	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2509
DDI RULE 2510	Non-IEC-104 Communication Request	High		2018/06/28	DDI RULE 2510	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2510
DDI RULE 2511	IEC104 STOPDT CON - SCADA (Response)	Medium		2018/06/28	DDI RULE 2511	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2511
DDI RULE 2512	IEC104 STARTDT CON - SCADA (Response)	Medium		2018/06/28	DDI RULE 2512	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2512
DDI RULE 2687	CVE-2018-7602 - Remote Code Execution - HTTP (Request) - Variant 2	High		2018/06/28	DDI RULE 2687	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2687
DDI RULE 2685	Possible Host Discovery - ICMP (Response)	High		2018/06/28	DDI RULE 2685	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2685
DDI RULE 2686	Command Execution - SMB (Request)	High		2018/06/26	DDI RULE 2686	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2686
DDI RULE 2680	Acunetix Web Vulnerability Scanner - HTTP (Request)	High		2018/06/26	DDI RULE 2680	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2680
DDI RULE 2681	DirBuster - HTTP (Request)	Medium		2018/06/26	DDI RULE 2681	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2681
DDI RULE 2682	NMAP - HTTP (Request	Medium		2018/06/26	DDI RULE 2682	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2682
DDI RULE 2683	W3AF - HTTP (Request)	Medium		2018/06/26	DDI RULE 2683	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2683
DDI RULE 2684	GoLismero - HTTP (Request)	Medium		2018/06/26	DDI RULE 2684	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2684
DDI RULE 2651	JBOSSAS COMMAND EXECUTION EXPLOIT - HTTP (Request)	Medium		2018/06/26	DDI RULE 2651	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2651
DDI RULE 2674	Web Vulnerability Scanner - HTTP (Request)	High		2018/06/25	DDI RULE 2674	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2674
DDI RULE 2675	Web Vulnerability Scanner - HTTP (Request) - Variant 2	High		2018/06/25	DDI RULE 2675	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2675
DDI RULE 2668	REGEORG - HTTP (Request)	High		2018/06/25	DDI RULE 2668	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2668
DDI RULE 2679	CVE-2016-3714 - ImageMagick Command Execution Exploit - HTTP (Request)	Medium		2018/06/25	DDI RULE 2679	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2679
DDI RULE 2669	APT - DARKHOTEL - HTTP (Request)	High		2018/06/21	DDI RULE 2669	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2669
DDI RULE 2670	Comprehensive Tool - TDS (Request)	High		2018/06/21	DDI RULE 2670	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2670
DDI RULE 2671	Vulnerability Scanner - HTTP (Request) - Variant 3	High		2018/06/21	DDI RULE 2671	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2671
DDI RULE 2673	Earthworm Port Forwarding - TCP (Request)	High		2018/06/21	DDI RULE 2673	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2673
DDI RULE 2664	CreateService - SMB (Request)	High		2018/06/21	DDI RULE 2664	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2664
DDI RULE 2664	CreateService - SMB (Request)	High		2018/06/21	DDI RULE 2664	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2664
DDI RULE 2665	SOFACY - HTTP (Request)	Medium		2018/06/20	DDI RULE 2665	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2665
DDI RULE 2667	CVE-2018-9995 Authentication Bypass Exploit - HTTP (Request)	High		2018/06/20	DDI RULE 2667	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2667
DDI RULE 2663	APT - EXFRAM - TCP (Request)	High		2018/06/19	DDI RULE 2663	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2663
DDI RULE 2386	C99 PHP SHELL - HTTP	High		2018/06/19	DDI RULE 2386	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2386
DDI RULE 2387	DK PHP SHELL - HTTP	High		2018/06/19	DDI RULE 2387	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2387
DDI RULE 2417	CVE-2017-7494 - Remote Code Execution - SMB (Request) - Variant 2	Medium		2018/06/19	DDI RULE 2417	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2417
DDI RULE 2660	ASP WebShell - HTTP (Request)	High		2018/06/18	DDI RULE 2660	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2660
DDI RULE 2661	HYTOP2006 ASP WebShell - HTTP (Request)	Medium		2018/06/18	DDI RULE 2661	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2661
DDI RULE 2662	PHPSPY WebShell - HTTP (Request)	Medium		2018/06/18	DDI RULE 2662	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2662
DDI RULE 2658	Ghost WebShell - HTTP (Request)	Medium		2018/06/18	DDI RULE 2658	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2658
DDI RULE 2659	PHP WebShell - HTTP (Request) - Variant 2	Medium		2018/06/18	DDI RULE 2659	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2659
DDI RULE 266	GOZI - HTTP (Request)	High		2018/06/12	DDI RULE 266	/vinfo/ph/threat-encyclopedia/network/ddi-rule-266
DDI RULE 2655	Possible CVE-2017-9506 Atlassian OAth Proxy Exploit - HTTP (Request)	Medium		2018/06/12	DDI RULE 2655	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2655
DDI RULE 2656	CVE-2018-1418 - QRADAR Command Injection - HTTP (Request)	High		2018/06/12	DDI RULE 2656	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2656
DDI RULE 2602	RIG - Exploit Kit - HTTP (Request) - Variant 5	High		2018/06/06	DDI RULE 2602	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2602
DDI RULE 2653	PHOTOMINER - HTTP (Response)	High		2018/06/05	DDI RULE 2653	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2653
DDI RULE 2654	Powershell - SMB	Medium		2018/06/05	DDI RULE 2654	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2654
DDI RULE 2445	Suspicious file rename - SMB2 (Request)	High		2018/06/05	DDI RULE 2445	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2445
DDI RULE 2652	VPNFILTER - HTTP (Request)	High		2018/06/04	DDI RULE 2652	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2652
DDI RULE 2649	GRANDSOFT - Exploit Kit - HTTP(Request)	High		2018/05/30	DDI RULE 2649	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2649
DDI RULE 2650	ANDROM - HTTP (Response)	Medium		2018/05/30	DDI RULE 2650	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2650
DDI RULE 2624	POWERDNS - DNS (Response)	High		2018/05/30	DDI RULE 2624	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2624
DDI RULE 2648	CVE-2018-1000136 Electron Node Integration Exploit- HTTP (Request)	High		2018/05/28	DDI RULE 2648	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2648
DDI RULE 2647	ANDROM - HTTP (Request)	High		2018/05/22	DDI RULE 2647	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2647
DDI RULE 2641	CVE-2018-1308 Apache Solr Data Import Handler XML Exploit - HTTP (Request)	High		2018/05/21	DDI RULE 2641	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2641
DDI RULE 2645	CVE-2017-16598 Netgain SNMPWALK IP Directory Traversal Exploit HTTP - (Request)	High		2018/05/21	DDI RULE 2645	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2645
DDI RULE 2646	CVE-2018-1111 Remote Code Injection Exploit - DHCP (Response)	High		2018/05/21	DDI RULE 2646	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2646
DDI RULE 2644	Suspicious Access to a bit Domain - DNS (Response)	Medium		2018/05/17	DDI RULE 2644	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2644
DDI RULE 2072	CVE-2016-3081 - Remote Code Execution - HTTP (Request) - Variant 2	Low		2018/05/17	DDI RULE 2072	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2072
DDI RULE 2642	NEGASTEAL - HTTP (Request)	High		2018/05/16	DDI RULE 2642	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2642
DDI RULE 2643	NECURS - SMB	High		2018/05/16	DDI RULE 2643	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2643
DDI RULE 2640	CVE-2018-5443 Advantech Webaccess SQL Injection - HTTP (Request)	High		2018/05/15	DDI RULE 2640	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2640
DDI RULE 2637	CVE-2018-0171 Buffer Overflow - TCP (Request)	Medium		2018/05/09	DDI RULE 2637	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2637
DDI RULE 2625	UDPOS - DNS (Request)	High		2018/05/09	DDI RULE 2625	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2625
DDI RULE 2574	CVE-2017-16943 EXIM Remote Code Execution exploit - SMTP (Request)	Medium		2018/05/08	DDI RULE 2574	/vinfo/ph/threat-encyclopedia/network/ddi-rule-2574