We currently busy deploying HIPS 8.0 Patch 2 in our environment and its going well so far.
The problem is that we are getting a lot of Host IPS: Desktop High Triggered Signatures "SMB Brute Force Attack" with Threat severity "Critical" Threat Name "6045" on mostly Windows XP which are on SP3. Is this something to worry about as i don't see alot articles on this threat event, and if how does one handle it?
Please see attachment.
McAfee products in our environment
VSE 8.8 P3
HIPS 8.0 Patch 2
Policy Auditor 6.0
This signature came out with the new HIPS content update on 14 April. If you already have HIPS 8 installed on your systems, then started seeing the events, that would explain the sudden appearance of the events. I would just tune the signature as you would normally tune any other one.