An Independent Firewall Leak Testing

[Guest]

[egemen]

Hi All,

Guys at the following site published a comprehensive firewall leak test.
http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php

Unlike other testers, these guy(s?) are systems programmer(s) and are very familiar with modern malware techniques.

Thats why cheaters failed !

Current version i.e. CPF 2.3.6.81, had a race condition bug which caused it to fail the leak test "Coat" but beta versions are immune from this bug.

Egemen

[AOwL]

Read it and weep :

[TheTOM_SK]

Congrats and keep up good work and do not start cheating, you do not have to unlike others.

[Graham1]

Thats why cheaters failed !

I can't believe the Outpost guys tried to cheat . Did they think they wouldn't get caught :. I bet alot of Outpost user's will deflect because of this and guess where they will be coming...



Edit: I wonder why ZoneAlarm Free wasn't included in the tests or does it have similar protection as the paid version?

[AOwL]

Zone Alarm free doesn't come close to the paid (Pro) one...

[pandlouk]

 

[jasper2408]

Congrats go to the Comodo crew for a job well done.   

jasper

[egemen]

I can't believe the Outpost guys tried to cheat . Did they think they wouldn't get caught :. I bet alot of Outpost user's will deflect because of this and guess where they will be coming...



Edit: I wonder why ZoneAlarm Free wasn't included in the tests or does it have similar protection as the paid version?

Here "cheating" means "inadequate defense".  So its defense is good enough to pass the leak tests. But when it comes to the real world, such a defense is hardly enough.

So please note that "Cheating" does not mean "deception" in this context.

Egemen

[Little Mac]

Hi All,

Guys at the following site published a comprehensive firewall leak test.
http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php

Egemen

Egemen, Melih,

Do we know what Matousec means by "Highest Security" in regards to CPF?  I realize the "Default" is probably from an automatic install; CPF's regular settings.  What is their "Highest"?

TNX,

LM

[egemen]

Egemen, Melih,

Do we know what Matousec means by "Highest Security" in regards to CPF?  I realize the "Default" is probably from an automatic install; CPF's regular settings.  What is their "Highest"?

TNX,

LM

It should mean "Do not show alerts for the applications certified by COMODO" option disabled. With this option enabled CPF fails wallbreaker(1,3,4) tests. 

Other than that out of the box for anti-leak resistance should be as good. And for that test, we intentionally skipped further checks because it would generate unnecessarily large number of alerts. So when HIPS enabled CPF is released, it will ask before the process is executed as others do.

Currently, it does not pose a really serious risk because it is highly visible to the user(Otherwise CPF would catch).

You can leave your settings as out of the box.

Egemen

[Little Mac]

Thanks for the info, Egemen!

LM

[solo]

Here "cheating" means "inadequate defense".  So its defense is good enough to pass the leak tests. But when it comes to the real world, such a defense is hardly enough.

So please note that "Cheating" does not mean "deception" in this context.

Egemen

In a way, cheating in this context does mean deception:  deception of the end user.  Outpost Pro wants the end user to feel fully ptotected by putting in measures that will get around the leak test.  But in reality, the measures in place will not truly protect the end user from "real world" malware.

I would call that deception.

[Tags:]