DragonWAF Identification Technologies 1. SQL Injection Prevention Remote attackers send requests to gain access on IIS web server, causing data leakage or data deletion. DragonWAF can identify the attacks, analyze, filters them. 2. Buffer Overflow Protection Buffer Overflow is an anomaly that stores data in a buffer outside the memory the programmer set aside for it. The extra data overwrites adjacent memory, which may contain program variables and program flow control data. DragonWAF can control the request length. 3. HTTP Methods Protection Illegal commands that will cause data loss or tamper on web server, DragonWAF administrators can analyze, classify, filter and protect web servers from any incoming requests. 4. Shellcode Exploits Prevention A standard English website environment is free of high-bit commands communication that could cause damage to server data, whereas in other language there will be complicated coding or high-bit requests targeting on IIS Web Servers. 5. Encoding Attack Prevention The variety of “encoding attacks” are sent to IIS Web Server are deceitful, trying to beat default policy. DragonWAF is able to identify such attacks, analyze risk level and filter them. 6. Keyword Strings Filtering DragonWAF is able to eliminate such commands. This type of command attempts to create a buffer overflow on web servers, causing permission issues to execute intrusion attacks. 7. Directory Traversal Filtering In a file transfer, the server end will provide required files by user end requests. There are policies to decide if users are permitted to read,write and create directories. DragonWAF can identify “Directory Traversal” attack, starts filtration. 8. Directory Protection DragonWAF protects default IIS website directory, against any abnormal access requests to exploit sub-directory paths. 9. Customizable Remote Warning Page Warn remote end of their malicious attacks with a warning message with a “Remote Warning Page”

IMPORTANT, PLEASE READ CAREFULLY. THIS IS A LICENSE AGREEMENT

DRAGONWAF 2010 is protected by copyright laws and international copyright treaties, as well as other intellectual property laws and treaties. This DRAGONWAF 2010 is licensed, not sold.

End User License Agreement
This End User License Agreement ("EULA") is a legal agreement between you (either an individual or a single entity) and DragonSoft Security Associates, Inc. with regard to the copyrighted Software (herein referred to as "DRAGONWAF 2010" or "SOFTWARE") provided with this EULA. The DRAGONWAF 2010 includes computer software, the associated media, any printed materials, and any "online" or electronic documentation. Use of any software and related documentation ("Software") provided to you by DragonSoft Security Associates, Inc. in whatever form or media, will constitute your acceptance of these terms, unless separate terms are provided by the software supplier, in which case certain additional or different terms may apply. If you do not agree with the terms of this EULA, do not download, install, copy or use the Software. By installing, copying or otherwise using the DRAGONWAF 2010, you agree to be bound by the terms of this EULA. If you do not agree to the terms of this EULA, DragonSoft Security Associates, Inc. is unwilling to license the DRAGONWAF 2010 to you.

1. Eligible Licensees. This Software is available for license solely to SOFTWARE owners, with no right of duplication or further distribution, licensing, or sub-licensing. IF YOU DO NOT OWN THE SOFTWARE, THEN DO NOT DOWNLOAD, INSTALL, COPY OR USE THE SOFTWARE.

2. Limited Right to Use. The DragonWAF 2010 and the contents herein are the intellectual property of DragonSoft Security Associates, Inc. and its licensors and are protected by applicable copyright, trademark, and proprietary rights. Viewing, printing, or downloading of any content, graphic, form, or document from this DragonWAF 2010 grants you only a limited nonexclusive license for your personal use and does not authorize republication, distribution, assignment, sublicense, sale, or preparation of derivative works unless you have received DragonSoft Security Associates, Inc. express written permission for such use. No part of any content, form, or document may be reproduced in any form or incorporated into any information retrieval system, electronic or mechanical, other than for your personal or business use. You may use this DragonWAF 2010, but such usage must be restricted to the DragonSoft Security Associates, Inc. promotions only. All rights not expressly granted herein are reserved by DragonSoft Security Associates, Inc.. Furthermore, you hereby agree not to create derivative works based on the Software. You may not transfer this Software.

3. Copyrights. The Software is licensed, not sold. You acknowledge that no title to the intellectual property in the Software is transferred to you. You further acknowledge that title and full ownership rights to the Software will remain the exclusive property of DragonSoft Security Associates, Inc. and/or its suppliers, and you will not acquire any rights to the Software, except as expressly set forth above. All copies of the Software will contain the same proprietary notices as contained in or on the Software. All title and copyrights in and to the DRAGONWAF 2010 (including but not limited to any images, photographs, animations, video, audio, music, text and "applets," incorporated into the DRAGONWAF 2010), the accompanying printed materials, and any copies of the DRAGONWAF 2010, are owned by DragonSoft Security Associates, Inc. or its suppliers. The DRAGONWAF 2010 is protected by copyright laws and international treaty provisions. You may not copy the printed materials accompanying the DRAGONWAF 2010.

4. Reverse Engineering. You agree that you will not attempt, and if you are a corporation, you will use your best efforts to prevent your employees and contractors from attempting to reverse compile, modify, translate or disassemble the Software in whole or in part. Any failure to comply with the above or any other terms and conditions contained herein will result in the automatic termination of this license and the reversion of the rights granted hereunder to DragonSoft Security Associates, Inc.

5. Disclaimer. THE INFORMATION ON THIS DRAGONWAF 2010 IS PROVIDED "AS IS" AND ALL WARRANTIES, EXPRESS OR IMPLIED, ARE DISCLAIMED (INCLUDING BUT NOT LIMITED TO THE DISCLAIMER OF ANY IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE).

6. Limitation of Liability. DragonSoft Security Associates, Inc.'s entire liability and your exclusive remedy under this EULA shall not exceed the price paid for the Software, if any. In no event shall DragonSoft Security Associates, Inc. or its suppliers be liable to you for any consequential, special, incidental or indirect damages of any kind arising out of the use or inability to use the software, even if DragonSoft Security Associates, Inc. or its supplier has been advised of the possibility of such damages, or any claim by a third party.

7. Rental. You may not loan, rent, or lease the SOFTWARE.

8. Upgrades. If the SOFTWARE is an upgrade from an earlier release or previously released version, you now may use that upgraded product only in accordance with this EULA. If the DRAGONWAF 2010 is an upgrade of a software program which you licensed as a single product, the DRAGONWAF 2010 may be used only as part of that single product package and may not be separated for use on more than one computer.

9. Feedback and Unsolicited Submissions. Unless you agree to the following terms, DragonSoft Security Associates, Inc. asks that you not send us feedback and unsolicited submissions such as, but not limited to, ideas for improving the DragonWAF 2010, marketing DragonSoft Security Associates, Inc. and its products, and enhancing DragonSoft Security Associates, Inc. product performance ("Submissions"). In the event that you send us Submissions your Submissions shall automatically become the property of DragonSoft Security Associates, Inc.. Except for those portions of Submissions containing personal information restricted by our Privacy Policy, DragonSoft Security Associates, Inc. shall have the right to use the Submissions in any manner at its sole discretion. DragonSoft Security Associates, Inc. shall not be required to compensate you for the Submissions.

10. Limitation of Liability. IN NO EVENT WILL DRAGONSOFT SECURITY ASSOCIATES, INC. BE LIABLE TO YOU FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING ANY LOST PROFITS, LOST DATA, OR LOST SAVINGS, WHETHER BASED ON BREACH OF CONTRACT, BREACH OF WARRANTY, TORT, PRODUCT LIABILITY, OR ANY OTHER LEGAL THEORY EVEN IF DRAGONSOFT SECURITY ASSOCIATES, INC. HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. (Some states do not allow the exclusion or limitation of special, incidental, or consequential damages, so the above exclusion or limitation may not apply to you.)

11. Indemnification By You. If you distribute the Software in violation of this Agreement, you agree to indemnify, hold harmless and defend DragonSoft Security Associates, Inc. and its suppliers from and against any claims or lawsuits, including attorney's fees that arise or result from the use or distribution of the Software in violation of this Agreement.

12. Governing Law. By using this DragonWAF 2010, you agree that this Agreement shall be governed by and construed in accordance with the laws of Taipei County, Taiwan, without regards to its conflict of law rules. By using this DragonWAF 2010, you also agree that all litigation arising out of or in connection with this Agreement shall be brought in the Banciao District Prosecutors Office, Taipei County, Taiwan.

13. Amendments. This Agreement may be amended by DragonSoft Security Associates, Inc. from time to time and your only notice of such amendment shall be the posting of the amended Agreement on this DragonWAF 2010. You are therefore advised to review the Agreement each time you visit the DragonWAF 2010.

===========================================

DragonSoft Security Associates, Inc.
Address:9F., NO. 351, Sec. 2, Zhongshan Rd.,Zhonghe City, Taipei, Taiwan 235
TEL: +886-2-82215408
FAX: +886-2-82215476
EMAIL: dragonwaf_en@dragonsoft.com
Web: http://www.dragonsoft.com