========================================================================== RELEASE NOTES FOR F-Secure Linux Security BETA 3 Release 7.00 build 70103 ========================================================================== This Release Notes document is for F-Secure Linux Security. This document contains late-breaking information about the product. Please refer to the Administrator's Guide for more information. * To provide feedback or send problem report follow instructions on page: http://support.f-secure.com/ * Please visit our Linux weblog: http://www.f-secure.com/linux-weblog/ * Sales World-wide web: http://www.F-Secure.com/solutions/ Your local contact: @F-Secure.com F-Secure contact: Anti-Virus-Sales@F-Secure.com * F-Secure USA F-Secure Europe F-Secure Inc. F-Secure Corporation 100 Century Center Court Tammasaarenkatu 7 Suite 700 San Jose, CA 95112, USA FIN-00180 Helsinki, Finland tel (408) 938 6700 tel +358 9 2520 0700 fax (408) 938 6701 fax +358 9 2520 5001 http://www.F-Secure.com/ http://www.Europe.F-Secure.com/ Please do not call F-Secure directly if you have a local F-Secure Business Partner in your area. For an up-to-date listing of F-Secure Business Partners world-wide, see http://www.F-Secure.com/partners/. ========================================================================== Overview ========================================================================== This is the third beta release for F-Secure Linux Security 7.00. Its purpose is to give the public a preview of our upcoming Linux solutions and their features. IT IS NOT INTENDED FOR PRODUCTION USE. Please do not use this software in any environment where data or productivity loss is not acceptable. This software is for evaluation purposes only. All information in this document and all information related to this preview release is preliminary and subject to change at any time without notice. The Linux Security 7.00 product is a merge of the previous product line of F-Secure Linux Client Security and F-Secure Linux Server Security. Instead of selling two separate products, F-Secure will now sell one product, and instead let the user activate the product with either a "Client Edition" keycode or a "Server Edition" keycode. In the 30-day evaluation mode enabled by not using a keycode at all, the product will be configured in full-featured "Server Edition" mode. This beta release does not come with an Administrator's Guide. It is our hope that users familiar with the earlier Client or Server Security products will find it familiar enough to evaluate under the guidance of these release notes. Please see the Installation Instructions below for more information. Automated, real time anti-virus scanning makes sure that viruses cannot infect your Linux servers or inadvertently be moved on to susceptible Windows host. The firewall component makes sure that viruses, hackers and other intruders are not entering the servers by using network worms. Furthermore, the intrusion prevention functionality keeps hackers and crackers from entering and opening backdoors, changing important files, system's or personal or saving unwanted files on corporate servers. By integrating to F-Secure's centralized management system, the F-Secure Policy Manager, the products will automatically notify the administrators of any security incidents or virus activity. Administrators can also easily change and enforce the security policies via the F-Secure Policy Manager. ========================================================================== What Does It Include? ========================================================================== This release includes the following components: F-Secure Automatic Update Agent 8.23 build 2516 F-Secure Security Platform 2.00 build 6513 F-Secure Firewall Daemon 7.00 build 70103 F-Secure Integrity Checker 7.00 build 70103 F-Secure On-Access Scanning Daemon 7.00 build 70103 F-Secure Management Agent 4.75 build 40 ========================================================================== What's New in This Release? ========================================================================== * New configuration wizard accessible from the Web User Interface summary page, to ease initial configuration of the file system integrity checking and rootkit protection features * New scanning wizard for manual scanning from the Web User Interface - scanning can be done in background and progress is shown on the wizard page * Support for upgrading from F-Secure Anti-Virus for Linux 4.65 to Linux Security 7.00 in command-line-only mode (note: there is a known problem preventing all configuration options to be properly migrated in an upgrade) * The on-access scanner cache has been moved from the user-level scanning daemon to the Dazuko kernel module, significantly improving the overall performance for on-access scanning * Alert screen in Web User Interface has a button for displaying a printable version of the alerts * A GUI program "fsgav" has been introduced for scanning files and testing integrity * It is now possible to specify default directories for manual scanning and scheduled scanning tasks. These directories are used in Web User Interface when using the Manual Scanning Wizard or creating a new Scheduled Scanning Task. * Firewall rules can now be applied to specific network interfaces by using the "Flags" field in the firewall rule editor: [if:] - Apply this rule on a specific network interface only. Multiple interfaces may be entered as separate if flags. Example: [if:eth0],[if:eth3] * In GNOME, if you have the Nautilus actions extension installed, this preview includes support for right-clicking on folders and files in Nautilus to launch a manual scan using "fsgav" * The previous Client and Server Security products for Linux have been combined into one Linux Security product. The user can configure it as "Client Edition" or "Server Edition" by providing the appropriate keycode. * The user has the ability to entirely disable parts of the product, for example the Firewall module or the Web User Interface. * Simplified installer that will not ask any questions during install, apart from accepting the EULA. * Better desktop integration through the F-Secure GNOME Panel Applet alert notification. * Upgrade from Linux Server Security version 5.30 and above * NOTE: upgrading an expired evaluation version to full later version is not supported Fixed problems since last major release (the list below also includes fixes done after the Beta 2 release): 43752 Excluded directories excluded from list if a sub-directory is already in list 44581 MIB: typo in firewall services ("protovol" should be "protocol") 45403 Integrity checker sets modification time to 0 when baselining files 47067 Ugly line-break in keycode query during install in 80x25 terminal 47632 dbupdate(8), fsav(1) and fsavd(8) man page says "F-Secure Anti-Virus for Linux" 47856 DOC: Wrong (obsolete) man pages mentioned in fsavd(8) man page 48122 Web User Interface does not complain if some scheduled task settings are left blank. 48500 You cannot enter multiple directories for scheduled scan on WUI 50637 Better (error) reporting for zero-length admin.pub situations ( #45903 ) 50864 Automounted resources cannot be unmounted with dazuko/fazuko active. 51085 Cannot set multiple policy manager proxies in Web User Interface 52011 Installing full Server Security after uninstalling command-line-only fails 52271 FSMA does not revert back to local values when final is cleared. 52335 Typo in 4-series-to-5.50-upgrade text 52880 Unattended installation mode (--auto) does not work when upgrading 52838 Database update output contains debug messages 53352 fsfwd sends daemon log messages every minute 53833 Engine-malfunction while scanning SqlServer2K5_BOL_Jul2006.msi 54008 FILE I/O performance decreasing without realtime scanning. 54114 cmdline: crontab has 2 dbupdate command when updating from trial ver (#53178) 54356 uninstall-fsav does not remove fsma/fsaua initscripts 54456 Email-recipients configured via PMC not visible in WEB-UI. 54463 FSMA startup crashes server 54592 fsaua service is not installed on Turbolinux or others 54970 "unknown version" printed in syslog when integrity of one db channel is checked 55011 WUI German localization does not get applied on Ubuntu 6.10 55155 Typo in "man fsav". 55422 Unable to upgrade a --command-line-only installation (5.51->5.52). 55870 Domain-level policy settings does not affect to LinuxSS. 56011 "Could not read from file" when scanning sample rpm-file. 56316 fsav-compile-drivers scripts failing if executed with a relative path 56532 AUA crashes when FSMA is shut down 56666 "Riskware is not supported"" messages from fsav when installing 7.00 after 5.52 56684 Fsdiag fails on Ubuntu 7.04 56885 General Protection fault after installation 56975 FSMA rpm uninstallation fails if the group cannot be removed 56995 Appliance not reloading databases 57009 $GCONF_CMD error string printed during uninstall 57011 Upgrading command-line-only version does not update the version number 57194 Not uploading traps to PMC 57264 PMC/Final item on alert forwarding can be changed on Web-UI 57399 Some options does not get properly migrated when upgrading from 4-series 57420 fsav_query_versions() and fsav_dbversion inconsistency #54308 57449 WUI:JPN:There is broken japanese on "Scan when closing a file" 57560 stopping and starting service sometimes fails 57565 fsoasd sometimes does not start after the reboot 57666 Dazuko unloaded during upgrade from 7.00 to newer 7-build (which is unsafe) 57817 fsdiag asks for database password from the user 57861 'fsav --version' gets stuck during cmdline-only upgrade from 5.52 to 7.00 57914 Integrity Checking status in WUI fails to warn user if only inode has changed 57919 WebUI cannot set alert forwarding E-Mail adddress correctly. 57922 Installer help text mentions a very old build 57930 AUA uninstall prefixes all printouts with -e ========================================================================== System Requirements ========================================================================== F-Secure Linux Security should be installed on a computer that meets the following minimum system requirements: System requirements: Processor: 686 Memory (command-line only): 256 MB RAM Memory (full install): 512 MB RAM Disk space to install: 200 MB Required components: Linux kernel 2.4 or later glibc 2.2.4 or later 32-bit compatibility libraries on 64-bit distributions The following 32-bit Linux distributions are supported: Asianux 2.0 Asianux 3.0 Debian 4.0 Miracle Linux 3.0 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 SUSE Linux 10 SUSE Linux 10.1 SUSE Linux 9.0 SUSE Linux 9.3 openSUSE 10.2 openSUSE 10.3 SUSE Linux Enterprise Desktop 10 SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Server 9 Turbolinux 10 Ubuntu 6.06 LTS (Dapper Drake) Ubuntu 7.10 (Gutsy Gibbon) The following 64-bit (AMD64/EM64T) distributions are supported with 32-bit compatibility packages: Debian 4.0 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 SUSE Linux Enterprise Desktop 10 SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Server 9 SUSE Linux 10.1 Turbolinux 10 Ubuntu 7.10 (Gutsy Gibbon) There may be some prerequisites that need to be fulfilled in order to let the product install successfully on your Linux distribution. Please consult the following web page for the latest available information: http://support.f-secure.com/enu/corporate/supportissue/av-linux/workarounds/workarounds-issue-2006022700.shtml ========================================================================== Installation Instructions ========================================================================== KEY CODES FOR INSTALLATION This Beta release can only be run in evaluation mode, without a keycode. IMPORTANT BETA INFORMATION - READ THIS BEFORE INSTALLING This beta release supports upgrade from previous Linux Server Security releases version 5.30 and above, and migration from F-Secure Anti-Virus for Linux Servers/Gateways version 4.65 to a command-line-only installation. This beta release does NOT support upgrade from previous Linux Client Security 5. You must first uninstall any instance of Client Security before installing. Make sure that you also remove any previous configuration policy by issuing "rm -rf /etc/opt/f-secure". To completely disable parts of the product (e.g. the firewall), use the command-line tool /opt/f-secure/fsav/sbin/fschooser. Quick installation instructions: 1. Copy the following file from the CD: f-secure-linux-security-7.00.70103 If you have downloaded the installation packet from the Internet, extract the installation file: tar zxvf f-secure-linux-security-7.00.70103.tgz 2. make sure that the installation file is executable: chmod a+x f-secure-linux-security-7.00.70103 3. Run the command: ./f-secure-linux-security-7.00.70103 This will start the installation. When the installation is completed, you can run /opt/f-secure/fsav/fsav-config to configure the product, and/or customize its settings using the Web User Interface available at http://localhost:28080/ ========================================================================== Known Problems ========================================================================== 43419 Web User interface not functioning if over 20000 files added to baseline Adding over 20 thousand files to the known files list may make the WUI Itegrity Checking screens unusable. 43594 Web User Interface pressing enter does not perform action 50240 Web UI German localization does not work on Debian 3.1 Workaround: Run: "dpkg-reconfigure locales" to configure locales, then restart the product using "/etc/init.d/fsma restart" 50665 Installation error messages if /boot is not mounted 50896 "Failed to get value..." error when trying to run fsav while fsma is not on 50959 WEB-UI does not support IE7. As a workaround, please use Mozilla Firefox. 51277 SMTP alert-forwarding does not support port-configuration. 51720 Cancelling setup not possible when entering key-code. 51858 Scanning NFS client accesses on server side is not possible. As a workaround, please configure a scheduled scan for the exported directories. 51909 Lots of 'Firewall rule installation failed' alerts sent if Policy Manager Server not accessible. 52222 Scanning excluded directory list has 1024 byte maximum limit 52404 Web User Interface may die when checking known-files As a workaround, 1. Edit /opt/f-secure/fsav/tomcat/bin/catalina.sh, add the following line after the 'F-Secure configuration parameters': export LD_PRELOAD="/opt/f-secure/fsav/java/lib/i386/libjsig.so /opt/f-secure/fsav/tomcat/shaj/libshaj-local.so /opt/f-secure/fsav/tomcat/shaj/libshaj-remote.so" 52600 Database update cron entries flooding syslog on some platforms As a workaround, change the syslog configuration so that cron's own messages go to a separate log file. 52716 Firewall failing to restore rules on shutdown or uninstall Problem fixed with iptables 1.2.10 and newer. 52842 Gnome panel applet crashes on RHEL4 By default RHEL4 does not have any web browser installed. As a workaround, install Mozilla Firefox. 52856 Running 2 fsav commands in a tight loop on a SMP can cause a bind error. This happens when two fsav commandline clients are launched simultaneously and both try to launch a fsavd and only one succeeds in creating the unix domain socket for communication. As a workaround, prelaunch the fsavd, e.g. using /opt/f-secure/fssp/etc/fsavd script via /etc/init.d 52870 Uninstallation fails if uninstaller cannot get exclusive access to RPM. 52891 Scanning errors from Beagle Indexer Firefox plugin temp files As a workaround, add '/home/USERNAME/.beagle/ToIndex/' to directories excluded from scanning on real-time scanning settings. 52907 Alert is sometimes lost #52944 As a workaround, reduce the amount of alerting sent by the product. 52934 Uninstalling aua rpm leaves fsaua process running 54973 Integrity checker alerts on every boot (some Ubuntu 7.04 systems) On Ubuntu 7.04, kernel modules are copied to the RAM disk (tmpfs) at boot time. This makes the file metadata for the kernel modules change between each boot, thus generating alerts from the integrity checker. 55860 Firewall rules not properly restored after product un- installation Workaround: please reboot the system after uninstalling the product in order to let the distribution-default firewall rules be re-applied. 56516 Some symbolic links not removed after uninstallation Manually remove the directory /opt/f-secure/common after uninstall. 56518 In WUI, Firewall rule table cannot properly handle 11 rules 57360 fsgav fails to inspect when multiple files are dragged from Konqueror 57380 Scheduled scanning does not work with multiple directories 57665 Integrity cherker alerts about /etc/ld.so.cache after upgrading 57816 Long file names are not wrapped correctly in WUI alert view 57818 F-Secure GNOME Panel Applet does not work on 64-bit Ubuntu 7.10 57923 Automatic centrally managed installation accepts nonexisting admin.pub 58505 Dazuko does not load on Turbolinux 11 and Fedora 7 ========================================================================== Technical Support ========================================================================== To provide feedback or send problem report follow instructions on page: http://support.f-secure.com/ ========================================================================== F-Secure Web Club ========================================================================== F-Secure Web Club is open to all F-Secure customers. Web Club pages contain a great deal of useful information on latest software versions, user documentation, release notes, etc. To connect to the Web Club directly from within your Web browser, go to: http://www.F-Secure.com/webclub/ ========================================================================== Copyrights ========================================================================== Copyright (c) 1993-2008 F-Secure Corporation. All Rights Reserved. This product may be covered by one or more F-Secure patents, including the following: GB2353372 GB2366691 GB2366692 GB2366693 GB2367933 GB2368233 GB2374260 Portions Copyright (c) 1991-2007 Kaspersky Lab. Portions copyright (c) 2002, 2003, 2004 H+BEDV Datentechnik GmbH All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of Dazuko nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. For more information, please see http://www.dazuko.org/ --- This software includes contributions that are Copyright (c) 1998-2002 University of Chicago. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. Neither the name of the University of Chicago nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE UNIVERSITY OF CHICAGO AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE UNIVERSITY OF CHICAGO OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --- Copyright (c) 1996 - 2005, Daniel Stenberg, . All rights reserved. Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Except as contained in this notice, the name of a copyright holder shall not be used in advertising or otherwise to promote the sale, use or other dealings in this Software without prior written authorization of the copyright holder. --- Portions Copyright (c) 1994-2005 Sun Microsystems, Inc. JAVATM 2 RUNTIME ENVIRONMENT (J2RE), STANDARD EDITION, VERSION 1.5.0.12 is licensed under Sun Microsystems, Inc. Binary Code License Agreement For full description of http://java.sun.com/j2se/1.5.0/jre-1_5_0_12-license.txt --- Portions Copyright (c) 2006 Larry Wall Perl is licensed under Artistic License. For full description of the license Artistic License, please see http://search.cpan.org/src/NWCLARK/perl-5.8.8/Artistic --- Portions Copyright (c) 1999-2005, The Apache Software Foundation Product includes Apache Tomcat Apache Tomcat is licensed under the Apache 2.0 License For full desciption of Apache 2.0 License, please see http://www.apache.org/licenses/LICENSE-2.0.txt --- Portions Copyright (c) 2005 IT Mill Ltd (http://www.millstone.org/) Millstone is licensed under LGPL This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA For full description of LGPL-license terms, please see http://www.fsf.org/licensing/licenses/lgpl.txt --- Portions Copyright (c) 2005 Free Software Foundation, Inc. KDE is published is licensed under the LGPL License. This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA For full description of LGPL-license terms, please see http://www.fsf.org/licensing/licenses/lgpl.txt For full description of LGPL-license terms, please see http://www.fsf.org/licensing/licenses/lgpl.txt --- Portions Copyright (c) 2005 Trolltech AS --- Portions Copyright (c) 2005 Cenqua Pty Ltd Product includes Shaj (Simple Host Authentication for Java) library. Shaj is licensed under the Apache 2.0 License For full desciption of Apache 2.0 License, please see http://www.apache.org/licenses/LICENSE-2.0.txt --- PostgreSQL is released under the BSD License. PostgreSQL Database Management System (formerly known as Postgres, then as Postgres95) Portions Copyright (c) 1996-2007, The PostgreSQL Global Development Group Portions Copyright (c) 1994, The Regents of the University of California Permission to use, copy, modify, and distribute this software and its documentation for any purpose, without fee, and without a written agreement is hereby granted, provided that the above copyright notice and this paragraph and the following two paragraphs appear in all copies. IN NO EVENT SHALL THE UNIVERSITY OF CALIFORNIA BE LIABLE TO ANY PARTY FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING LOST PROFITS, ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN IF THE UNIVERSITY OF CALIFORNIA HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. THE UNIVERSITY OF CALIFORNIA SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS ON AN "AS IS" BASIS, AND THE UNIVERSITY OF CALIFORNIA HAS NO OBLIGATIONS TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS. ========================================================================== Trademarks ========================================================================== F-Secure and the triangle symbol are registered trademarks of F-Secure Corporation and F-Secure product names and symbols/logos are either trademarks or registered trademarks of F-Secure Corporation. ========================================================================== F-Secure License Terms ========================================================================== F-SECURE(R) LICENSE TERMS IMPORTANT . BEFORE INSTALLING OR USING THE SOFTWARE, CAREFULLY READ THE FOLLOWING LEGAL TERMS (.TERMS.) FOR THE LICENSE OF F-SECURE SOFTWARE. BY SELECTING THE ACCEPTING OPTION BELOW, OR BY INSTALLING, COPYING OR USING THE ACCOMPANYING SOFTWARE YOU (EITHER AN INDIVIDUAL OR A SINGLE ENTITY) AGREE THAT YOU HAVE READ THESE TERMS, UNDERSTAND THEM AND AGREE TO BE LEGALLY BOUND BY THEM. IF YOU DO NOT AGREE TO ALL OF THE TERMS, SELECT THE REJECTING OPTION AND DO NOT INSTALL, USE OR COPY THE SOFTWARE. These Terms cover any and all F-Secure programs licensed by you, including related documentation and any update and upgrade of the programs delivered to you under the purchased license or any related service agreement as defined in the documentation and any copy of these items (together the .Software.). COMMERCIAL LICENSE Subject to the payment of the applicable license fees and subject to the following terms and conditions, you have been granted a non-exclusive, non-transferable right to use the specified Software. F-Secure reserves any and all rights not expressly granted to you. You may: A) Install and use the Software only on as many units (typically handheld devices, personal computers, servers or other hardware) as stated in the F-Secure License Certificate, applicable invoice, product packaging or agreement where these Terms have been appended. In case the Software or its services are shared through a network or the Software is used to protect traffic from viruses or other malicious code at web and e-mail servers, firewalls or gateways, you must have a license for either scanning capacity or for the total number of users whom the Software provides services to. In such cases you may install the Software on as many units as needed. B) Create copies of the Software for installation and backup purposes only. C) Extend the number of licenses by purchasing additional licenses. You may not: A) Install and use the Software against these Terms, the F-Secure License Certificate or other related documentation. B) Distribute copies of the Software to a third party, electronically transfer the Software to a computer belonging to a third party, or permit a third party to copy the Software. C) Modify, adapt, translate, rent, lease, resell, distribute or create derivative works based upon the Software and/or related files (including but not limited to virus definition databases, security news and descriptions) or any part thereof. D) Decompile, reverse engineer, disassemble, or otherwise reduce the Software and/or related files (including but not limited to virus definition databases, security news and descriptions) to any human-perceivable form as the Software contains or may contain trade secrets of F-Secure. E) Use the documentation for any purpose other than to support your use of the Software. Please contact F-Secure directly if you are interested in any other rights to the Software other than those granted in these Terms. F) Disclose the license authorization code provided for the program installation (included but not limited to key code, subscription number and registration key) to any third party. G) Use the Software or any portion thereof to implement any product or service to operate on or in connection with the Software for any other purpose than granted herein. H) Use the Software to publish, distribute and/or obtain software or content (i) not specifically related to F-Secure products and/or services and (ii) not security-related (or any updates to any such software or content). EVALUATION LICENSE An Evaluation License is applicable when you download or install an evaluation version of the Software or you are granted a time limited, non-exclusive and non-transferable license by F-Secure or its resellers for evaluation purposes. The Software is licensed to you for the sole purpose of evaluating the Software and only for a specified evaluation period, which will begin on the date that the Software is first downloaded by or delivered to you. After the specified time period, you must either purchase the Software license from F-Secure or its reseller, or destroy and stop using the Software. If you purchase the Software before the expiration of the evaluation time and register the Software, you have a valid license and you do not need to destroy the Software. F-Secure shall have no obligation to provide support or maintenance services for Evaluation Licenses. For the avoidance of doubt, the Evaluation License is also subject to restrictions set out above as items A-H. F-Secure reserves any and all rights not expressly granted to you. NON-COMMERCIAL LICENSE A Non-Commercial License is applicable when you download or install a free version of a detection and/or removal tool made available to you by F-Secure or its reseller. Such Software is licensed to you only for a limited period as a non-exclusive, non-transferable license and is intended only as a supplementary tool (not for ongoing content security purposes). F-Secure reserves the right to discontinue the ability to use this type of Software at any time and is under no obligation to provide support or maintenance services for Non-Commercial Licenses. For the avoidance of doubt, the Non-Commercial License is also subject to restrictions set out above as items A-H. F-Secure reserves any and all rights not expressly granted to you. TITLE Title, ownership rights, and intellectual property rights in the Software shall remain those of F-Secure, and/or its suppliers. The Software is protected by copyright laws and international copyright and other intellectual property treaties. LIMITED WARRANTY AND DISCLAIMERS Limited Warranty on Media. F-Secure warrants the physical media produced by F-Secure on which the Software is recorded to be free from defect in material and workmanship under normal use for 30 days from the date of delivery. F-Secure does not give any warranties on media in case the Software is delivered bundled in a third party device. Any implied warranties on the media, including implied warranties of merchantability and fitness for a particular purpose, are limited in duration to 30 days from the date of delivery. F-Secure will, at its option, replace the media or refund the purchase price of the media. F-Secure shall have no responsibility to replace or refund the purchase price of media, which is damaged by accident, abuse, or misapplication. Disclaimer of Warranty on Software. THE SOFTWARE IS PROVIDED .AS IS., WITHOUT WARRANTY OF ANY KIND. F-SECURE, ITS LICENSEES AND DISTRIBUTORS EXPRESSLY DISCLAIM ALL IMPLIED WARRANTIES, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. F-Secure, its licensees and distributors do not guarantee the Software or related documentation in terms of their correctness, accuracy, reliability, or otherwise. You assume the entire risk as to the results and performance of the Software and related documentation. Complete Statement of Warranty. The limited warranties provided in the preceding paragraphs are the only warranties of any kind that are made by F-Secure on the Software. No oral or written information or advice given by F-Secure, its dealers, distributors, agents, or employees shall create a warranty or in any way increase the scope of the foregoing limited warranty, and you may not rely on any such information or advice. Some states do not allow the exclusion of implied warranties, so the above exclusion may not apply to you, and you may have other rights, which may vary from state to state. Limitation of Liability. IN NO EVENT SHALL F-SECURE, ITS LICENSEES, ITS DISTRIBUTORS OR ITS SUPPLIERS BE LIABLE TO YOU FOR ANY SPECIAL, CONSEQUENTIAL, INCIDENTAL, OR INDIRECT DAMAGES, INCLUDING, BUT NOT LIMITED TO, LOSS OF REVENUE OR PROFIT, LOST OR DAMAGED DATA OR OTHER COMMERCIAL OR ECONOMIC LOSS, ARISING OUT OF THE USE OF, OR INABILITY TO USE, THE SOFTWARE OR RELATED DOCUMENTATION, EVEN IF F-SECURE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Some states do not allow the limitation or exclusion of liability for incidental or consequential damages so the above limitation or exclusion may not apply to you. F-SECURE, ITS LICENSEES, DISTRIBUTORS AND SUPPLIERS SHALL IN NO EVENT BE LIABLE FOR ANY DAMAGES ARISING FROM PERFORMANCE OR NON-PERFORMANCE OF THE SOFTWARE. OUR MAXIMUM LIABILITY TO YOU FOR ACTUAL DAMAGES FOR ANY CAUSE WHATSOEVER SHALL IN NO EVENT EXCEED THE AMOUNT PAID BY YOU FOR THE SOFTWARE. Nothing contained in these License Terms shall prejudice the statutory rights of any party dealing as a consumer. F-Secure is acting on behalf of its employees, licensees, distributors and licensors or subsidiaries for the purpose of disclaiming, excluding, and/or restricting obligations, warranties, and liability as provided in this clause, but in no other respects and for no other purpose. EXPORT RESTRICTIONS (EXCLUSIVELY FOR CRYPTOGRAPHIC SOFTWARE) 1. If the Software is shipped or otherwise distributed to you from the United States of America: You acknowledge that the Software and the maintenance and support services including without limitation technical services and technical data (e.g., manuals, blueprints, plans, diagrams, models, formulae, tables, engineering designs and specifications and instructions written or recorded) and any other such technical services and technical data (.the Services.) are of U.S. origin for purposes of U.S. export control laws, regulations, administrative acts or Executive Orders, and any amendments thereof, including without limitation the Export Administration Act of 1979, as amended (the "Act"), and the regulations promulgated thereunder (the "U.S. Export Control Laws"). You agree to comply with all applicable U.S. Export Control Laws and any applicable international laws and regulations that apply to the Software and to the Services, including without limitation the Act as well as end-user, end-use and destination restrictions issued by the U.S. and other governments. 2. If the Software is shipped or otherwise distributed to you from a country other than the United States of America: You agree to comply with the local regulations regarding exporting and/or using cryptographic software. In all cases, F-Secure will not be liable for the illegal export and/or use of its cryptographic software by you. U.S. GOVERNMENT RIGHTS If the Software is licensed for or on behalf of the United States of America, its agencies and/or instrumentalities ("U.S. Government") pursuant to solicitations issued on or after December 1, 1995, the Software is provided with the commercial rights and restrictions described elsewhere herein. If the Software is licensed for or on behalf of the U.S. Government pursuant to solicitations issued prior to December 1, 1995, the Software is provided with RESTRICTED RIGHTS as provided for in FAR, 48 CFR 52.227-14 (JUNE 1987) or DFAR, 48 CFR 252.227-7013 (OCT 1988), as applicable. HIGH RISK ACTIVITIES The Software is not fault-tolerant unless expressly stated in product documentation and is not designed, manufactured or intended for use or resale as control equipment in hazardous environments requiring fail-safe performance, such as in the operation of nuclear facilities, aircraft navigation or communication systems, air traffic control, direct life support machines, or weapons systems, in which the failure of the Software could lead directly to death, personal injury, or severe physical or environmental damage ("High Risk Activities"). F-Secure and its suppliers specifically disclaim any express or implied warranty of fitness for High Risk Activities. GRANT TO USE You agree and acknowledge that the Software may send information related to the use of the Software by you and the findings of such use to F-Secure via Internet in obfuscated/encrypted form. You grant F-Secure the right to use and display statistical security information, other security related content or material in a non-personally identifiable form and license/device information submitted by the Software, or by you through the Software, to F-Secure for customer registry, security research and solution development purposes. GENERAL The license will terminate immediately without notice if you are in breach of any of its terms and conditions. You shall not be entitled to a refund from F-Secure or any of its resellers as a result of termination. The terms and conditions concerning confidentiality and restrictions on use shall continue in force even after any termination. F-Secure may revise these Terms at any time and the revised terms shall automatically apply to the corresponding versions of the Software distributed with the revised terms. If any part of these Terms is found void and unenforceable, it will not affect the validity of rest of the Terms, which shall remain valid and enforceable according to its terms. In case of controversy or inconsistency between translations of these Terms to other languages, the English version issued by F-Secure shall prevail. These Terms shall be governed under the Laws of Finland without regard to conflict of laws rules and principles and without regard to the United Nations Convention of Contracts for the International Sales of Goods. The courts of Finland shall have the exclusive jurisdiction and venue to adjudicate any dispute arising out of these Terms. Notwithstanding the foregoing, in the case of purchases made within or on behalf of licensees residing within or operating under the laws of the United States the governing law of these Terms shall be the laws of the State of California without regard to conflict of laws rules and principles and without regard to the United Nations Convention of Contracts for the International Sales of Goods. The exclusive jurisdiction and venue to adjudicate any dispute arising out of these License Terms shall be of the federal and state courts of California. If you have any questions concerning these Terms, or you would like to contact F-Secure for any other reason, please write: F-Secure Corporation, PL24, FI-00181 Helsinki, Finland, fax: +358 9 2520 5001, e-mail: helsinki@f-secure.com or call: +358 9 2520 0700 August 2006, F-Secure Corporation ========================================================================== End of RELEASE NOTES ==========================================================================