Author Topic: An Independent Firewall Leak Testing  (Read 11506 times)

Offline egemen

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3380
An Independent Firewall Leak Testing
« on: November 28, 2006, 08:30:45 PM »
Hi All,

Guys at the following site published a comprehensive firewall leak test.
http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php

Unlike other testers, these guy(s?) are systems programmer(s) and are very familiar with modern malware techniques.

Thats why cheaters failed ! ;)

Current version i.e. CPF 2.3.6.81, had a race condition bug which caused it to fail the leak test "Coat" but beta versions are immune from this bug.

Egemen

Offline AOwL

  • Comodo SuperHero
  • Comodo's Hero
  • *****
  • Posts: 2349
  • Comodo Firewall Pro - Be safe, use protection...
    • NordicNatureMedia
Re: An Independent Firewall Leak Testing
« Reply #1 on: November 28, 2006, 09:05:44 PM »
Read it and weep :'( ::) ;D

Offline TheTOM_SK

  • Comodo Loves me
  • ****
  • Posts: 121
Re: An Independent Firewall Leak Testing
« Reply #2 on: November 29, 2006, 05:12:15 AM »
Congrats and keep up good work and do not start cheating, you do not have to unlike others.

Offline Graham1

  • Comodo's Hero
  • *****
  • Posts: 1890
Re: An Independent Firewall Leak Testing
« Reply #3 on: November 29, 2006, 01:27:05 PM »
Thats why cheaters failed ! ;)

I can't believe the Outpost guys tried to cheat :o. Did they think they wouldn't get caught ::). I bet alot of Outpost user's will deflect because of this and guess where they will be coming...

:)

Edit: I wonder why ZoneAlarm Free wasn't included in the tests or does it have similar protection as the paid version?
« Last Edit: November 29, 2006, 01:29:54 PM by Graham1 »
Ubuntu 20.04 LTS | Chromium | uBlock Origin | Privacy Badger | HTTPS Everywhere
https://www.thevenusproject.com | Beyond Politics Poverty and War

Offline AOwL

  • Comodo SuperHero
  • Comodo's Hero
  • *****
  • Posts: 2349
  • Comodo Firewall Pro - Be safe, use protection...
    • NordicNatureMedia
Re: An Independent Firewall Leak Testing
« Reply #4 on: November 29, 2006, 01:37:56 PM »
Zone Alarm free doesn't come close to the paid (Pro) one...

Offline pandlouk

  • I love Comodo
  • Comodo's Hero
  • *****
  • Posts: 2240
  • Retired Mod
Re: An Independent Firewall Leak Testing
« Reply #5 on: November 29, 2006, 02:23:17 PM »
 (R) (:LOV) :BNC

Offline jasper2408

  • Comodo's Hero
  • *****
  • Posts: 651
Re: An Independent Firewall Leak Testing
« Reply #6 on: November 29, 2006, 04:22:36 PM »
Congrats go to the Comodo crew for a job well done.    (:CLP)

jasper
CFP 3.0.22.327beta  CMF   Avast Pro  SAS Pro Sandboxie Win XP PRO SP2 (x32)

Offline egemen

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3380
Re: An Independent Firewall Leak Testing
« Reply #7 on: November 29, 2006, 05:12:51 PM »
I can't believe the Outpost guys tried to cheat :o. Did they think they wouldn't get caught ::). I bet alot of Outpost user's will deflect because of this and guess where they will be coming...

:)

Edit: I wonder why ZoneAlarm Free wasn't included in the tests or does it have similar protection as the paid version?

Here "cheating" means "inadequate defense".  So its defense is good enough to pass the leak tests. But when it comes to the real world, such a defense is hardly enough.

So please note that "Cheating" does not mean "deception" in this context.

Egemen

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: An Independent Firewall Leak Testing
« Reply #8 on: November 30, 2006, 11:06:10 AM »
Hi All,

Guys at the following site published a comprehensive firewall leak test.
http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php

Egemen

Egemen, Melih,

Do we know what Matousec means by "Highest Security" in regards to CPF?  I realize the "Default" is probably from an automatic install; CPF's regular settings.  What is their "Highest"?

TNX,

LM
These forums are focused on providing help and improvement for Comodo products.  Please treat other users with respect and make a positive contribution.  Thanks.
Forum Policy

Offline egemen

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3380
Re: An Independent Firewall Leak Testing
« Reply #9 on: November 30, 2006, 11:50:01 AM »
Egemen, Melih,

Do we know what Matousec means by "Highest Security" in regards to CPF?  I realize the "Default" is probably from an automatic install; CPF's regular settings.  What is their "Highest"?

TNX,

LM

It should mean "Do not show alerts for the applications certified by COMODO" option disabled. With this option enabled CPF fails wallbreaker(1,3,4) tests. 

Other than that out of the box for anti-leak resistance should be as good. And for that test, we intentionally skipped further checks because it would generate unnecessarily large number of alerts. So when HIPS enabled CPF is released, it will ask before the process is executed as others do.

Currently, it does not pose a really serious risk because it is highly visible to the user(Otherwise CPF would catch).

You can leave your settings as out of the box.

Egemen

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: An Independent Firewall Leak Testing
« Reply #10 on: November 30, 2006, 12:16:33 PM »
Thanks for the info, Egemen!

LM
These forums are focused on providing help and improvement for Comodo products.  Please treat other users with respect and make a positive contribution.  Thanks.
Forum Policy

Offline solo

  • Comodo Loves me
  • ****
  • Posts: 153
Re: An Independent Firewall Leak Testing
« Reply #11 on: December 05, 2006, 11:38:23 AM »
Here "cheating" means "inadequate defense".  So its defense is good enough to pass the leak tests. But when it comes to the real world, such a defense is hardly enough.

So please note that "Cheating" does not mean "deception" in this context.

Egemen

In a way, cheating in this context does mean deception:  deception of the end user.  Outpost Pro wants the end user to feel fully ptotected by putting in measures that will get around the leak test.  But in reality, the measures in place will not truly protect the end user from "real world" malware.

I would call that deception.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek