INTRUSION DETECTION AND PREVENTION

 
 
Signature
Signature Groups
Attack Type

Name  ID  Severity  Platform  Active  Log  Alert  Action
EXPLOIT MS IE HHCtrl ActiveX Control Vulnerability (MS06-046) High
EXPLOIT MS SMB PIPE Remote Denial of Service Vulnerability High
EXPLOIT IIS Malformed HTTP Request Remote DoS High
EXPLOIT MS Windows Metafile (WMF) Image Handling (MS05-053) -1 Medium
EXPLOIT MS Distributed Transaction Coordinator (MS05-051) -1 High
EXPLOIT MS Windows Metafile (WMF) Image Handling (MS05-053) Medium
EXPLOIT Windows 2000 Server UPNP DoS High
EXPLOIT Microsoft ASN.1 DoS -4 Medium
EXPLOIT Microsoft ASN.1 DoS -3 High
EXPLOIT Microsoft ASN.1 DoS -2 High
EXPLOIT Microsoft ASN.1 DoS -1 High
EXPLOIT Microsoft Windows SSL Library Denial of Service High
DoS Microsoft Windows RDP rdpwd.sys Remote Kernel DoS Medium
Worm.Mytob.DC -3 High
Worm.Mytob.DC -2 High
Worm.Mytob.DC -1 High
Worm.Mytob.DB -3 High
Worm.Mytob.DB -2 High
Worm.Mytob.DB -1 High
Possible DoS HGOD SynKiller Flooding Medium
DoS WebDAV XML Message Handler Denial of Service (MS04-030) High
Apache HTTP GET Remote DoS Exploit High
WEB Plug and Play Web Server DoS attempt High
DoS DNS UDP flooding Severe
MISC xfs overflow attempt Severe
DoS MS-SQL Slammer Worm Severe
DoS-ath0-modem-disconnect High
DDoS tfn2k-icmp_possible_communication Medium
WEB-MISC /ecscripts/ecware.exe access Medium
WEB-MISC jigsaw dos attempt Low
SNMP community string buffer overflow attempt High
WEB-MISC CISCO VoIP DOS ATTEMPT Medium
DDoS Stacheldraht agent->handler (skillz) Medium
DDoS Stacheldraht handler->agent (niggahbitch) Medium
DDoS Stacheldraht handler->agent (ficken) Medium
BACKDOOR win-trin00 connection attempt Severe
BACKDOOR trinity connection attempt Medium
MS Terminal server request (RDP) Medium
SNMP PROTOS test-suite-trap-app attempt Very Low
SNMP PROTOS test-suite-req-app attempt Very Low
WEB sml3com access - type 1 Low
WEB HP Openview Manager DoS Medium
WEB Annex Terminal DoS attempt Medium
WEB Cisco Web DoS attempt Medium
WEB ICQ Webfront HTTP DoS Medium
WEB netscape servers suite DoS Medium
WEB Netscape Enterprise DoS Medium
IIS isc$data attempt Medium
IIS *.idc attempt Medium
FRONTPAGE shtml.exe access Medium
FRONTPAGE shtml.dll access Medium
FRONTPAGE _vti_rpc access Medium
CGI classifieds.cgi access Medium
SMTP exchange mime DoS High
NETBIOS DoS RFPoison High
NETBIOS nimda .nws High
NETBIOS nimda .eml High
MISC UPNP malformed advertisement Low
ICMP Large ICMP Packet Very Low
ICMP redirect net Very Low
EXPLOIT VQServer admin Low
DoS UDP echo+chargen bomb Severe
TFN client command LE Medium
mstream agent pong to handler High
mstream handler ping to agent High
mstream handler to agent High
mstream agent to handler High
shaft synflood High
shaft handler to agent High
TFN server response High
Trin00 Master to Daemon (default pass detected!) High
Stacheldraht client-check-gag High
Trin00 Attacker to Master default mdie password High
Trin00 Attacker to Master default password High
Trin00 Attacker to Master default startup password High
Trin00 Daemon to Master (*HELLO* detected) High
Trin00 Daemon to Master (message detected) High
Stacheldraht client-check-skillz High
TFN client command BE Medium
Stacheldraht client-spoofworks High
Stacheldraht server-response High
Stacheldraht server-response-gag High
Stacheldraht server-spoof High
Trin00 Daemon to Master (PONG detected) High
TFN Probe High