Sat Sep 22 2012 09:01:10,0,macb,0,0,0,1224,[HIPS] (Entry Written) Name: NipsMessaging.cpp !_ Event type: ERROR !_ Message: (5260) NimQ - Unexpected large transport payload: 0x5d4 (bug 579380) (file: /ProgramData/McAfee/Host Intrusion Prevention/FireSvc.log old)
Anyone seen this before?
Thanks, Kary! I theorize this machine may have fallen into a gap when we deployed HIPS 8. I wonder if this could be perfectly legitimate traffic but detected falsely by the down level version.