turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- F-Secure Community
- :
- About etomcat
About etomcat
since
23-03-2012
Friday
etomcat
Superuser
862
Posts
177
Kudos
98
Solutions
21-03-2018
06:28 PM
Dear Laksh, I wonder if there has been any development in this case? Thanks in advance, Yours Sincerely: Tamas Feher, 2F 2000 Kft., Budapest, Hungary.
... View more
13-03-2018
01:44 PM
Hello, Doesn't the F-Secure web interface use "domain_name\user_name" and "domain_user's_password" for access? Best Regards: Tamas Feher, Hungary.
... View more
12-03-2018
02:46 PM
Helo,
Please inform us when do you plan to release a new major version of the "F-Secure Linux Security" product and what kind of modern penguins do you wish to support with it (for example Linux Debian 8-11 and recent Ubuntu editions would be important)!
Thanks in advance, Yours Sincerely:
Tamas Feher, 2F 2000 Kft., Budapest, Hungary.
EDIT: TITLE
... View more
09-03-2018
01:03 PM
Hello, Maybe it's illegal, because Linux OS contains one million line of Unix source code, which IBM stole from Santa Cruz Operations Inc? See for more: https://arstechnica.com/tech-policy/2017/10/appeals-court-keeps-alive-the-never-ending-linux-case-sco-v-ibm/ BR: Tamas Feher, Hungary.
... View more
09-03-2018
12:58 PM
Dear Dusan, Please specify exactly which versions do you use and on which OS? Database maintenance has been a built-in feature in recent editions of F-Secure Policy Manager Console and Server. Best Regards: Tamas Feher, Hungary.
... View more
08-03-2018
02:39 PM
2 Kudos
Hello, The "fsdfw.sys" file in question (or at least the copy found on my office computer) has not one, but two digital signatures: - one issued by F-Secure Corp., counter-signed by Globalsign CA and - another issued by Microsoft Windows 3rd Party HW Compatibility Publisher, counter-signed by Microsoft Root CA. There is likely some problem with the OS on the customer's particular endpoint computer, I think Microsoft Update should be ran on it. Best regards: Tamas Feher, Hungary.
... View more
08-03-2018
01:56 PM
Dear Matthias, The problem is FSAV (E)SS 12.11 has a security hole, so it should not be advertised at all, lest tricking users into installing a vulnerable edition! It has been replaced by fixed version 12.12, which should be advertised or the PMC message bar should remain silent. Best Regards: Tamas Feher, Hungary.
... View more
08-03-2018
01:52 PM
1 Kudo
Hello, I think the product interface, as shown by the illustrations, uses confusing terminology. For example the green slider when in fact it is about blocking or the use of word "exclusion" when in fact enforcing various blocks. These kind of "modern design" UI phraseologies can be insanely confusing for middle-aged or older people, whose world view is based on yes / no, rather than relativistic terms which change meaning based on subtle context. (I actually think these modern UI styles and terminology are closely related to the rise of personal media, where news, i.e. reports of events and decisions quickly become relativized items and eventually end up as Kremlin fake propaganda. Nothing is solid any more.) Anyhow I think most operators of PSB account are people born way before 2000, so maybe the the portal UI should cater to them, rather than teenagers? Thanks for your kind attention, Yours Sincerely: Tamas Feher, Hungary.
... View more
05-03-2018
06:30 PM
Hello, > I have a customer with Zimbra using IMAP and SMTP. Can I protect this mail server with Internet Gatekeeper (POP/SMTP)? The product release note says: "F-Secure Internet Gatekeeper 5.50 is a gateway product that acts as a virus scanning proxy for HTTP, SMTP, POP, ICAP and FTP protocols." So IMAP is apparently not covered at the gateway level, even though IMAP-4 (port 143) support was available in the desktop product's e-mail scanning local module? Best Regards: Tamas Feher, Hungary.
... View more
05-03-2018
06:22 PM
Hello, > if I am doing something obviously wrong with the exception rules There are some knowledge base articles about rules for setting up F-Secure exclusions, simply or via wildcards: - Excluding objects from F-Secure Real-Time scanning: https://community.f-secure.com/t5/Business/Excluding-objects-from-Real-Time/ta-p/66013 - Excluding process from F-Secure Real-Time scanning: https://community.f-secure.com/t5/Business/Excluding-process-from-Real-Time/ta-p/102496 - Using wildcards in F-Secure exclusions: https://community.f-secure.com/t5/Business/Using-wildcards-in-exclusions/ta-p/20428 Best Regards: Tamas Feher.
... View more
05-03-2018
06:12 PM
Hello, - How are they supposed to solve a false alarm over the phone? - In my experience false positive detections cannot be fixed by exclusions satisfactorily, especially since wildcard use rules are tricky in F-Secure AV. Rather, you need to submit samples so the AV company lab can fix the detection problem centrally. - You need to submit the binary sample for evaluation, so they can fix it. See the upload form here: https://www.f-secure.com/en/web/labs_global/submit-a-sample (This is something only you can do, since only you have the affected files.) Best Regards: Tamas Feher, Hungary.
... View more
28-02-2018
04:25 PM
Hello, Apparently, it is a potential product bug under investigation by F-Secure developers, with an ETA for answer on next Tuesday. Yours Sincerely: Tamas Feher, Hungary.
... View more
28-02-2018
04:23 PM
Dear Sirs, Is it possible to enter the F-Secure PSB portal (SoP account) web interface, visit the Reports page / Infections list and click on a malware name there and somehow select or set that I don't want to see any further alerts with a particular malware name? For example I wish I would not see any more alerts in the web interface for "Application.Hacktool.KMSActivator" detections. (Apparently many of the hungarian schools are using a "pirate" method called "KMS Pico" to activate Windows, despite actually having access to valid, free to use Microsoft licences via a publicly funded programme... F-Secure PSB detects the KMS as a hacking tool. I cannot do anything about that situation, since I'm not the schools' syasmin and don't even have working contact info to many of the end users.) Yet, I don't want to see those alerts about KMS, because there are a myriad of them and they clog the PSB web interface, drowning out the actual security incident alerts from view, which is a potentially dangerous situation. I think it is too cumbersome to e-mail a summary list from the web interface and filter that ex post facto in Excel or similar, all the time. Thanks for your kind attention, Yours Sincerely: Tamas Feher, Hungary.
... View more
27-02-2018
10:54 AM
Dear F-Secure,
Please expedite the case " Virus Lab xxxxxx / Sandbox xxxxx" if possible.
I feel these potential self-false alarms in FSAV PSB 12 on Aquarius engine files and RAR files (in realt-ime protection?!) could be important.
Thanks in advance, Yours Sincerely:
Tamas Feher, 2F 2000 Kft., Hungary.
EDIT: Removed Case number
... View more
23-02-2018
03:28 PM
Hello, > Running 2008r2 and email and server security premium 12.11 The FSAV (E-mail) and Server Security 12.11 product has a recently disclosed, medium risk level security hole. Please use the patched version FSAV (E)SS 12.12 instead. For more info please visit: https://www.f-secure.com/en/web/labs_global/fsc-2018-1 Yours Sincerely: Tamas Feher, Hungary.
... View more
23-02-2018
02:51 PM
Dear F-Secure, Is it possible to ban impossible entries from appearing in PSB portal or re-normalize them before display? In the following case for example, the CMOS calendar/clock of a workstation computer is obviously mis-adjusted, so it is "time-travelling" and submitted a malware alert with a future dating for 20th November 2018: Date and time: 2018.11.20. 23:05:41 Customer: Banki Donat Muszaki Kozepiskola es Kollegium (c254503) Device: 056-pc (computer no. 1683794) User: 056-PC\056 Threat: Application.Hacktool.KMSActivator Category: Spyware Object:C:\Program Files\KMSpico\KMSELDI.exe Action: Blocked, needs user action Thanks in advance, Yours Sincerely: Tamas Feher, 2F 2000 Kft., Budapest, Hungary.
... View more
21-02-2018
12:23 PM
1 Kudo
Dear Sirs, Would it be possible for F-Secure to release a short formal statement (maybe a single-page PDF document) which says the totality of information security protection capabilities in "F-Secure PSB Computer Protection 18.3" software is not less than the capability of the outgoing "FSAV PSB 12.01 for Workstations" software? Some customers need it for auditing purposes, since the independent auditor only sees the roster of features and notes some are missing, like firewall and starts to nitpick about the acceptability of conversion. Thus a plainly worded vendor's statemernt about "PSB Computer Security 18" being the worthy successor would go a long way towards disarming reservations. Thanks in advance, Yours Sincerely: Tamas Feher, Hungary.
... View more
16-02-2018
04:11 PM
Hello, > ISOLATED NETWORKS There is a knowledge base article: Using archives to update malware definitions https://community.f-secure.com/t5/Business/Using-archives-to-update-malware/ta-p/102979 Best Regards: Tamas Feher, Hungary.
... View more
15-02-2018
05:06 PM
Dear Sirs, Can we really allow posters promote software piracy on the forum? F-Secure Corp., in its role of website operator could be found legally responsible, which is a big risk IMHO. Best Regards: Tamas Feher, Hungary.
... View more
13-02-2018
06:22 PM
Dear Alexander, Thanks for the expert insight on the mentioned case! Yours Sincerely: Tamas Feher, Hungary.
... View more
13-02-2018
03:34 PM
Dear Vad, Thanks for your response! > we do not change the product/modules versions/build numbers during installation of this multifix. Doesn't that make it difficult to see in the PSB webportal which computer have been fixed and which still lack the patch? Maybe F-Secure plans to centrally push-replace PSB WKS 12 with Computer Protection 18.x real soon, so the above issue has limited practical significance? Thanks in advance, Yours Sincerely: Tamas Feher, Hungary.
... View more
13-02-2018
01:40 PM
Dear Alexander,
> Thanks to our efforts in optimizing DB handling, I did not hear about any H2 corruptions happened with PM 13.
Please check F-Secure support case no. xxxxx for one example.
I think the main difference between H2 and MySQL is that the first one is kind of an enthusiasts' project, while the latter is professionally developed, even though its free. Thus mention the MySQL evokes trust similar to MS-SQL or Oracle, while mostly nobody has heard of H2 DB.
Yours Sincerely: Tamas Feher, Hungary.
EDIT: Removed case number
... View more
12-02-2018
12:04 PM
Dear Fedool, I have "12.01 Multifix 4" already downloaded in PSB since Friday, but the version's build number still hasn't changed to 293 in the "About..." window, it still shows 12.01 build 283. Is that OK? Thanks in advance, Yours Sincerely: Tamas Feher, Hungray.
... View more
12-02-2018
11:57 AM
1 Kudo
Hello, Please tell the people about the OS version and F-Secure version in use? It is hard to give a good answer without knowing the basics of this case. Thanks in advance, Yours Sincerely: Tamas Feher, Hungary.
... View more
12-02-2018
11:54 AM
Hello, > One folder in that directory afer update grew over 16GB. The F-Secure Policy Manager storage requirements are excessive in my opinion and the vendor should really optimize usage. I also think H2 Java database needs to go and MySQL should be the default, not a tricky, half-supported hack. The H2 corrupts way too often in rea-world use, it cannot be considered a stable corporate / enterprise item. Thanks for your kind attention, Yours Sincerely: Tamas Feher, Hungary.
... View more
01-02-2018
04:12 PM
Hello, My suggestion: Pack up the problemful database's folder (probably several hundred megabytes size) and upload it to F-Secure FTP's Incoming folder. Open an F-Secure vendor support ticket, ask them to download the file and repair it for you, so you can use it at the customer to restore proper operation. If the customer is making very heavy use of Policy Manager Server, maybe consider switching the database from H2 to MySQL at a later time, although that's a highly technical move and there is little official guidance offered. Best Regards: Tamas Feher, Hungary.
... View more
01-02-2018
11:49 AM
Dear F-Secure, I wish to understand why F-Secure's home-user and home-office oriented protection products are missing from this security hole - fixed versions bulletin? FSC-2018-1: Multiple Memory Vulnerabilities in IPC Messages https://www.f-secure.com/en/web/labs_global/fsc-2018-1 The SAFE and FSIS products also run on Windows x86-32/64 platform, so information concerning their exposure and remedy (if needed) should be mentioned there. Thanks in advance, Yours Sincerely: Tamas Feher, Hungary.
... View more
01-02-2018
11:25 AM
Dear F-Secure, I am observing this newly published F-Secure vulnerability-hotfix bulletin: FSC-2018-1: Multiple Memory Vulnerabilities https://www.f-secure.com/en/web/labs_global/fsc-2018-1 It says F-Secure PSB customers have to apply the patched new versions themselves: "Fixed versions PSB Workstation 12.01.293 and PSB Email And Server Security 12.10.284 are available on PSB portal download page." That is really unacceptable, I'd say even unfaithful, because PSB is all about automation! Customers are paying for PSB service so they don't have to operate the infrastructure in-house! F-Secure Corp. please get your act together and auto-distribute the patch ASAP over the channel as "PSB 12 Multifix #04" or if that's not possible, then as a full software version AUA push. You have the GUTS to do that. Thanks for your kind attention, Sincerely: Tamas Feher, Hungary.
... View more
31-01-2018
03:58 PM
Hello, > The problem was solved instaling Windows6.1-KB2999226-x86.msu from > https://www.microsoft.com/en-us/download/details.aspx?id=49077 Shouldn't the pre-requisite check and if necessary, even the auto-download and auto-installation of that component be part of the F-Secure Client Security setup wizard? Best regards: Tamas Feher, Hungary.
... View more
31-01-2018
03:54 PM
2 Kudos
Hello, > I block websites like facebook but employees find way to use it using Windows Store apps. I think FB access should be blocked at the network gateway traffic level, banning domains like fbcdn.net, facebook.*, fbcdn-video-*.akamaihd.net and probably a myriad of other URI resources? Even if you block WinStore and Google Play Store, the employees could download a client at home, print it in a form of full-page QR barcode (some solutions can store 4MB per printed A4 page) and OCR scan it at the office to reconstruct the binary or invent any other kind of McGyver-like trick. (People really very much want to have Facebook nowadays, so they can read russian trolls' fake news... Maybe a corporation-wide education campaign on how FB turns people into zombies should be also helpful.) Best Regards: Tamas Feher, Hungary.
... View more
