cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Unknown Attack (4203020)

Jump to solution

Hi.

After new signature set version 9.8.33.6deployment, I can see several attack name "Unknown".Such attack log has no description, no matching criteria:

2018-10-31 16_22_07-McAfee Network Security Manager - ipsmgmt.ug.cz.png2018-10-31 16_23_46-McAfee Network Security Manager - ipsmgmt.ug.cz.png

Seems some signature issue. Can anyone confirm ?

1 Solution

Accepted Solutions
Reliable Contributor mjesmer
Reliable Contributor
Report Inappropriate Content
Message 2 of 5

Re: Unknown Attack (4203020)

Jump to solution

Have you tried clearing the Manager Policy Cache? 

4 Replies
Reliable Contributor mjesmer
Reliable Contributor
Report Inappropriate Content
Message 2 of 5

Re: Unknown Attack (4203020)

Jump to solution

Have you tried clearing the Manager Policy Cache? 

Re: Unknown Attack (4203020)

Jump to solution

Yes. cache flushed. No change. No Attack Name, only some internal ID 4203020

Unknown attack.png

Update: After delete of policy cache, the old events are still marked as Unknown but all new events are identified OK.

Reliable Contributor mjesmer
Reliable Contributor
Report Inappropriate Content
Message 4 of 5

Re: Unknown Attack (4203020)

Jump to solution

Ok so you are now seeing the appropriate name for new alerts coming in?

Old attacks won't change to the correct name, just the new ones.

Re: Unknown Attack (4203020)

Jump to solution
No more Unknown attack in Log today. Seems flush cache is sollution.
thx.
Member Rewards
McAfee Community rewards active and helpful members just like you. Click here to take a look at the first community members who received a special reward and were recognized by McAfee leader, Aneel Jaeel, for their participation and trusted knowledge in the community.