IDS Signatures Grouped by Software Release Version 4


Release version 2.1.1.3

3002-TCP SYN Port Sweep

3003-TCP Frag SYN Port Sweep

3005-TCP FIN Port Sweep

3006-TCP Frag FIN Port Sweep

3010-TCP High Port Sweep

3011-TCP FIN High Port Sweep

3012-TCP Frag FIN High Port Sweep

3015-TCP Null Port Sweep

3016-TCP Frag Null Port Sweep

3020-TCP SYN FIN Port Sweep

3021-TCP Frag SYN FIN Port Sweep

3106-Mail Spam

3107-Majordomo Execute Attack

3221-WWW cgi-viewsource Attack

3222-WWW PHP Log Scripts Read Attack

3223-WWW IRIX cgi-handler Attack

3224-HTTP WebGais

3225-WWW websendmail File Access

3226-WWW Webdist Bug

3227-WWW Htmlscript Bug

3228-WWW Performer Bug

3251-TCP Hijacking Simplex Mode

3400-Sunkill

6180-rexd Attempt

6190-statd Buffer Overflow

Release version 2.1.1

1001-IP options-Record Packet Route

1002-IP options-Timestamp

1004-IP options-Loose Source Route

1006-IP options-Strict Source Route

1102-Impossible IP Packet

1103-IP Fragments Overlap

2100-ICMP Network Sweep w/Echo

2101-ICMP Network Sweep w/Timestamp

2102-ICMP Network Sweep w/Address Mask

2150-Fragmented ICMP Traffic

2153-Smurf

3001-TCP Port Sweep

3100-Smail Attack

3101-Sendmail Invalid Recipient

3102-Sendmail Invalid Sender

3103-Sendmail Reconnaissance

3104-Archaic Sendmail Attacks

3105-Sendmail Decode Alias

3150-FTP Remote Command Execution

3151-FTP SYST Command Attempt

3152-FTP CWD ~root

3153-FTP Improper Address Specified

3154-FTP Improper Port Specified

3200-WWW Phf Attack

3202-WWW .url File Requested

3203-WWW .lnk File Requested

3204-WWW .bat File Requested

3205-HTML File Has .url Link

3206-HTML File Has .lnk Link

3207-HTML File Has .bat Link

3208-WWW campas Attack

3209-WWW Glimpse Server Attack

3210-WWW IIS View Source Attack

3211-WWW IIS Hex View Source Attack

3212-WWW NPH-TEST-CGI Attack

3213-WWW TEST-CGI Attack

3214-IIS DOT DOT VIEW Attack

3215-IIS DOT DOT EXECUTE Attack

3216-WWW Directory Traversal ../..

3217-WWW php View File Attack

3218-WWW SGI Wrap Attack

3219-WWW PHP Buffer Overflow

3220-IIS Long URL Crash Bug

3250-TCP Hijack

3300-NetBIOS OOB Data

3303-Windows Guest Login

3305-Windows Password File Access

3306-Windows Registry Access

3307-Windows Redbutton Attack

3401-Telnet-IFS Match

3500-Rlogin -froot Attack

4001-UDP Port Sweep

4100-Tftp Passwd File

6001-Normal SATAN Probe

6002-Heavy SATAN Probe

6050-DNS HINFO Request

6051-DNS Zone Transfer

6052-DNS Zone Transfer from High Port

6053-DNS Request for All Records

6102-RPC Dump

6150-ypserv Portmap Request

6151-ypbind Portmap Request

6152-yppasswdd Portmap Request

6153-ypupdated Portmap Request

6154-ypxfrd Portmap Request

6155-mountd Portmap Request

6175-rexd Portmap Request

6200-Ident Buffer Overflow

6201-Ident Newline

6250-FTP Authorization Failure

6251-Telnet Authorization Failure

6252-Rlogin Authorization Failure

6253-POP3 Authorization Failure

6255-SMB Authorization Failure

6300-Loki ICMP Tunneling

6302-General Loki ICMP Tunneling

8000:2101-FTP Retrieve Password File

8000:2302-Telnet-/etc/shadow Match

8000:2303-Telnet-+ +

8000:51301-Rlogin-IFS Match

8000:51302-Rlogin-/etc/shadow Match

8000:51303-Rlogin-+ +

10000:1000-IP-Spoof Interface 1

10000:1001-IP-Spoof Interface 2

Release version 1.0

1100-IP Fragment Attack

1101-Unknown IP Protocol

2000-ICMP Echo Reply

2001-ICMP Host Unreachable

2002-ICMP Source Quench

2003-ICMP Redirect

2004-ICMP Echo Request

2007-ICMP Timestamp Request

2008-ICMP Timestamp Reply

2011-ICMP Address Mask Request

2012-ICMP Address Mask Reply

2151-Large ICMP Traffic

2152-ICMP Flood

2154-Ping of Death Attack

3045-Queso Sweep

3050-Half-open SYN Attack

3160-Cesar FTP Buffer Overflow

3450-Finger Bomb

3602-Cisco IOS Identity

050-UDP Bomb

4600-IOS UDP Bomb

5290-Apache Tomcat DefaultServlet File Disclosure

5315-changedisplay.pl WWWthreads Privilege Elevation

5329-Apache/mod_ssl Worm Probe

5332-Wordtrans-web Command Exec

5381-VPASP SQL bang

6100-RPC Port Registration

6101-RPC Port Unregistration

6103-Proxied RPC Request

11013-Mutella File Request

11202-AOL / ICQ Activity

11203-IRC Channel Join

The following signatures are not associated with any specific release.

1105-Broadcast Source Address

1106-Multicast IP Source Address