1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP reDuh Activity

HTTP reDuh Activity

Severity: Medium

This attack could pose a moderate security threat. It does not require immediate action.

Description

This signature detects reDuh activity which may indicate that an attacker is using a tool to bypass existing controls into a protected network.

Additional Information

reDuh is actually a tool that can be used to create a TCP circuit through validly formed HTTP requests which may bypass existing firewall controls.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube