https://community.checkpoint.com/t5/General-Topics/Got-Metasploit/m-p/59915#M12141 <P>If IPS detects a metasploit component inside your network, if you're like me, this gets real and immediate attention.&nbsp; However, if you are backing up a machine with a Checkpoint console installed, IPS will trigger on this file inside the Smart Console directory:</P><P>COMMGR_Metasploit_help.</P><P>Take a deep breath, all is well.</P><P>&nbsp;</P><P>Best regards,</P><P>Dan</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Thu, 08 Aug 2019 21:19:34 GMT Dan_Roddy 2019-08-08T21:19:34Z https://community.checkpoint.com/t5/General-Topics/Got-Metasploit/m-p/59915#M12141 <P>If IPS detects a metasploit component inside your network, if you're like me, this gets real and immediate attention.&nbsp; However, if you are backing up a machine with a Checkpoint console installed, IPS will trigger on this file inside the Smart Console directory:</P><P>COMMGR_Metasploit_help.</P><P>Take a deep breath, all is well.</P><P>&nbsp;</P><P>Best regards,</P><P>Dan</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Thu, 08 Aug 2019 21:19:34 GMT https://community.checkpoint.com/t5/General-Topics/Got-Metasploit/m-p/59915#M12141 Dan_Roddy 2019-08-08T21:19:34Z https://community.checkpoint.com/t5/General-Topics/Got-Metasploit/m-p/59920#M12144 Was it on a file transfer of a backup or something?<BR />That sounds like a false positive we should look at. Thu, 08 Aug 2019 23:15:36 GMT https://community.checkpoint.com/t5/General-Topics/Got-Metasploit/m-p/59920#M12144 PhoneBoy 2019-08-08T23:15:36Z https://community.checkpoint.com/t5/General-Topics/Got-Metasploit/m-p/60343#M12210 It was detected twice, first as a backup crossed a network segment and second as the backup file was transferred to a DR site. Wed, 14 Aug 2019 19:23:02 GMT https://community.checkpoint.com/t5/General-Topics/Got-Metasploit/m-p/60343#M12210 Dan_Roddy 2019-08-14T19:23:02Z