Showing results for 
Search instead for 
Did you mean: 

Apple machine creating intrustion event

Wondering if anybody has seen this before.  We have a few apple machines that connect to our windows server for files and what not.  Sometimes when they try to connect, IPS sees it as a attack, sig id = 2231 to be exact.  Before I make it okay, I just want to verify if this is just a false positive or if anybody has ran into this before that can show me a direction to finding out if it is a threat or not.

2 Replies
McAfee Employee ktankink
McAfee Employee
Report Inappropriate Content
Message 2 of 3

Re: Apple machine creating intrustion event

Are you running HIPS 8.0 Patch 2 (build or higher?   There was a fix for this in the Patch 2 build.

Re: Apple machine creating intrustion event

Yes, the server in question is running 8.0.2239.  I don't mind if it is a false positive, I just want to make sure.  If it is, I'll just add an exclusion for the 4-5 mac systems causing this issue into the IPS.

Message was edited by: awsomaha on 6/20/13 6:49:56 AM CDT
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community