0 Replies Latest reply on Apr 13, 2010 4:45 PM by jnichols

    HIP/NIP KnowledgeBase?

    jnichols

      My company is monitoring some HIPS agents for a client and the logs are not very descriptive in some cases. I've come across some good resources for general signatures but I can't find anything for specific threats (I don't have access to a console to look them up that way). For example, when a HIP or NIP client event triggers (18000 or 18001), there is also a 'threat ID' in the log. Is there a site or resource somewhere that I can use to look up what these specific threats are?

       

      I've found the following lists but these just list the event ID and not the unique threat ID:

      https://kc.mcafee.com/corporate/index?page=content&id=KB54677

      https://kc.mcafee.com/corporate/index?page=content&id=KB65559&actp=search&search id=1271167283037

       

      Thanks in advance to anyone who can help!