COMODO firewall Pro did not pass leak test

[Guest]

[chrisg]

    I have just started using COMODO Firewall Pro and noticed on the website that you can do a leak test, I did and it failed. I got a message telling me to download COMODO Firewall Plus.
Can anyone answer me why it did not pass leak test?

Thanks

[chrisg]

Sorry.............It's me again, that should read COMODO Firewall Pro...............NOT Plus

[panic]

What leaktest was it, and how did you respond to the firewall alert/s when you ran it?

[chrisg]

 
Here is the web address that I got the leak test from     http://www.personalfirewall.comodo.com/leak/cpil.html?.Your%20firewall%20has%20leaked     Basically all I did was close down the web page and e mail COMODO support

[panic]

G'day,

The usual process is to download the leaktest suite to your PC and then run it from there.

When you run test #1, you should get an alert from the firewall that the application is trying to inject itself into IE. At this point you should click BLOCK. In doing this, you have prevented the leak test application from using IE to transmit your data. Your PC should now be rebooted, as leak testing applications can leave the PC in an unknown state.

The same procedure applies to tests 2 and 3 - i.e., run a test, BLOCK, check for data leakage and then reboot.

Try this method and let us know how it turns out.

Cheers,
Ewen :-)

[chrisg]

I am sorry, I did not explain very well, the procedure you suggested is the way that I did it, but I did not get any message from the firewall, all I got was this message

ONLINE COMODO FIREWALL TESTDOWNLOADSUPPORT
Comodo Firewall Pro: Parent Injection Leak Test
Your firewall didn't pass the test and transmitted information to our website.
You typed: Your firewall has leaked
This time it was useless information - next time it could be your credit card number or other sensitive data being passed to a hacker.

Comodo Firewall Pro 2.3 is the only firewall to pass all three Comodo Parent Injection Leak Tests with its default settings.

Get Protected. Download Comodo Firewall Pro Now.

[panic]

Providing you didn't have the firewall set to ALLOW ALL, created an ALLOW rule for the leak test app or hadn't disabled any of the other security checks within the firewall app, then it would have popped an alert - categorically.

Can you please check in the Application Monitor (in V2.4) or in NETWORK SECURITY POLICY - APPLICATION RULES (in V3 Beta) and see if you have an ALLOW rule anywhere for the leaktesting application.

Ewen :-)

[chrisg]

 Excuse my ignorance, I am new to all this, I do not have a clue  as to how I do that

[panic]

No worries. Don't think of it as ignorance, just a lack of knowledge, and we've all been there. 

What version of the firewall do you have?

Ewen :-)

[chrisg]

I have version 2.4.18.184

Thanks

Chris

[panic]

OK. Open CFP and click on SECURITY - APPLICATION MONITOR. This will display a list of the applications that have a rule applied to them. Scroll through the list and look for anything that starts with CPIL and delete the relevant entries. Once they're gone, reboot your PC this is just to make certain that the deleted rules can't be applied.

Rerun the leaktest application, but this time, when the firewall alerts you, click block and then check for the transmitted data.

Let us know how you go.

Cheers,
Ewen :-)

P.S> Sorry for the slow responses.

[chrisg]

Ok, I have checked that and CPIL does not appear at all


Chris

[chrisg]

I ran the test 1 again, it opened up IE  and the following message appeared...................................
Your firewall didn't pass the test and transmitted information to our website.
You typed: Your firewall has leaked
This time it was useless information - next time it could be your credit card number or other sensitive data being passed to a hacker.

Comodo Firewall Pro 2.3 is the only firewall to pass all three Comodo Parent Injection Leak Tests with its default settings.

Get Protected. Download Comodo Firewall Pro Now.


But I did not get a message from COMODO asking if I wanted to block anything

Chris

[towser]

I'm a bit confused here. If I deny the use of iexplore.exe during the CPIL test then I can't access the internet and get the 'IE cannot display webpage' message. So how do I see the result of the test?

Win XP Pro
ADSL Home Gateway firewall on

[panic]

I'm a bit confused here. If I deny the use of iexplore.exe during the CPIL test then I can't access the internet and get the 'IE cannot display webpage' message. So how do I see the result of the test?

Win XP Pro
ADSL Home Gateway firewall on

That's the entire point. Leak testing applications generally don't go onto the internet themselves, they use what is normally a known trusted application as their transport mechanism. When you click DENY you are not stopping the leak testing aplication, you are actually stopping the application that is attempting to access the internet under the instruction and control of the leak testing application.

When you click DENY - NEVER click REMEMBER, as you will be placing a permanent block on the application attempting to access the internet.

When running leak testing applications, it is strongly recommended that youreboot your PC after each leak test. The nature of leak testing applciations can leave your system in an inknown or an unstable state until you reboot.

Hope this helps,
Ewen :-)

[Tags:]