RULE(RULE ID:336592)

Rule General Information
Release Date: 2022-05-18
Rule Name: Tool ReGeorg Detecion - Connect
Severity:
CVE ID:
Rule Protection Details
Description: ReGeorg is an HTTP tunnel-based reverse proxy tool used to bypass network restrictions and firewalls. Often used by attackers for Intranet penetration, ReGeorg establishes a reverse connection with the attacker controlled server by deploying a client on the target machine, enabling the attacker to initiate a connection from within the target network without opening a port on the target network. This rule is used to detect the traffic that ReGeorg initiates.
Impact: An attacker could exploit this vulnerability to have unspecified effect.
Affected OS: Windows, Linux, Others
Reference:
Solutions
Please contact the software vendor to update the software patch.