Comodo release 5 new security tests [CLOSED]

[Guest]

[Comofo]

If you get a chance, could you release a test for the test? 


 

[skboss]

Hi, Guys please help me out here. when I did the test It says that ----"BITS Hijack"  is vulnerable. How do I fix this problem? I am using a Norton 360 V.2 and Comodo Firewall Pro. Besides that when I did the firewall check on Symantec Internet Security checkup; it found that my Port 80 is open. please help me out. I think this is why I am getting the vulnerability error message. How can I block Port 80 or what else Can I do to make my computer secure? please help me out here.

[WaterWall]

It's not very wise to run Norton 360 which has it's own firewall and Comodo v3. Norton Antivirus and Comodo firewall would be good combination (well the Comodo part for sure  )
Disabling 360's firewall may help, but then Norton will scream and shout that you are not protected and piss you off 
So I don't know. It's your call 

[kail]

Hi skboss, welcome to the forums

BITS stands for Background Intelligent Transfer Service, it's a Windows Service. As the name implies, it's generally involved in file transfers & is used as part of the Windows Update (WU) process. In fact, without BITS WU wouldn't work. I believe the currently vulnerability surrounds the use of the COM API.. but, CFP 3 should have detected that. However, if you are indeed running Norton 360 alongside CFP3, then this might be why it didn't. Running 2 firewalls can, apparently, cause such conflicts which result in this.

Port 80 (HTTP) open? That is unusual, unless you're running a web server (are you?). But, again.. I suppose this could because you're running 2 firewalls.. but, I've not heard of that before specifically. Have you tried GRC's Shields Up?

[kail]

One thing you could do to mitigate the BITS vulnerability is to limit SVCHOST.EXE (within CFP, not sure about 360) to only access Microsoft Update servers. I suspect this would be fairly effective at stopping the BITS hijack.. (uncertain.. anybody?).. my SVCHOST has been limited like that for years, although I also have BITS disabled (I get Windows Updates by another method).

[skboss]

Hi, Guys please help me out here.  I did a test with Comodo Firewall Leak Test. It says that ----"BITS Hijack"  is vulnerable. How do I fix this problem?  I am using a Norton 360 V.2 and Comodo Firewall Pro. Besides that  I also did the firewall check on Symantec Internet Security checkup; it found that my Port 80 is open.  I think this is why I am getting the vulnerability message. But the problem is that  I don't know how to block it. Please help me out. I think this is why I am getting the vulnerability message. How can I block Port 80 or what else Can I do to make my computer secure? I also included the firewall test report to understand you guys better and to help me out. I am using Windows Vista service Pack 1. Please help me out here.

[skboss]

Hi, Kali Thank you for your response and to let you know that I am not running a web server. But still my port 80 is open, There is absolutely no way that I can close it. I tried disabling Norton Firewall and just to use Comodo Firewall but still the same result--Port 80 is open. please help me out here.

[kail]

Hi skboss

Firstly disabling a firewall (ie. Norton 360) when a second firewall is present will probably not be sufficient. This is because firewalls tend to conflict at a driver level & disabling a firewall doesn't necessarily stop their drivers.

Port 80 (HTTP): Open CFP, go to the Firewall section & select "View Active Connections". You should look at the Source (not Destination) & see if there is active connection for TCP Port 80. If there is, what is the associated program? Failing that, what is telling you that TCP Port 80 is open? Symantec's web test? If so, I recommend that you go to GRC's ShieldsUP & confirm that via GRC's test.

[surveyor_9]

Hi there - I was happily running CFP v3 until I downloaded and tried the clt test which I failed on all accounts.
My network defense is set at custom; my proactive defense is set at paranoid and I do not have the clt.exe allowed in my security policy. I would appreciate any help on fixing this plse. Cheers

[3xist]

Hi there - I was happily running CFP v3 until I downloaded and tried the clt test which I failed on all accounts.
My network defense is set at custom; my proactive defense is set at paranoid and I do not have the clt.exe allowed in my security policy. I would appreciate any help on fixing this plse. Cheers

Hi surveyor_9 & Welcome to the forums!!

It's not a concern. This test suite is just a little difficult for some users to use (how they should answer certain alerts, etc). You are protected, Don't worry! 

Josh

[surveyor_9]

Hi Josh - thanks for the welcome. I am sure that I am protected but if I can tweak the system then I would be interested in passing the security tests. Is this possible? Cheers Surveyor_9

[don67]

I run the CLT again with the latest version and this is the result....

[Blas]

Don,

Was CLT already on your computer before installing the firewall?

[don67]

Yes CLT is on my computer before i install the firewall in my partition

[Blas]

If defense+ was in celanpc mode, which is the default, it considers everything safe on your computer prior installation. So if CLT was already on your computer when you installed the firewall it was considered safe, and its actions allowed and learned automatically. If you want to rerun it, you should uninstall CLT, delete it from your computer and open up the firewall and on the defense+ tab go to advanced, computer security policy. Here you should search for anything related to CLT and delete the rules. Maybe a purge will remove most. Do the same at firewall/advanced/network security policy. If done, you can download again the test and it should ask you about its actions.

[Tags:]