We currently busy deploying HIPS 8.0 Patch 2 in our environment and its going well so far.
The problem is that we are getting a lot of Host IPS: Desktop High Triggered Signatures "SMB Brute Force Attack" with Threat severity "Critical" Threat Name "6045" on mostly Windows XP which are on SP3. Is this something to worry about as i don't see alot articles on this threat event, and if how does one handle it?
This signature came out with the new HIPS content update on 14 April. If you already have HIPS 8 installed on your systems, then started seeing the events, that would explain the sudden appearance of the events. I would just tune the signature as you would normally tune any other one.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.