I recently upgraded my Comodo Firewall from v5.0 to 5.3. Before that, I was getting a 100% (340/340) mark using the Comodo Firewall Leaktest Test My PC Security
When I upgraded, I was required to uninstall the previous version and so I guess my settings got erased. Now, I’m getting only 210/340 using the installation default settings. It says my vulnerabilities are:
RootkitInstallation: ChangeDrvPath
Invasion: RawDisk
Invasion: FileDrop
Injection: SetWinEventHook
Injection: SetWindowsHookEx
Injection: Services
Injection: KnownDlls
Impersonation: DDE
Impersonation: Coat
Hijacking: Userinit
Hijacking: SupersedeServiceDll
Hijacking: StartupPrograms
Hijacking: AppinitDlls
What modifications or settings do I need to do to get it back to 340/340?
Apparently CLT was not designed to test HIPS security from within the sandbox.
You need to disable it for this test.
The first time I ran it I had the sandbox enabled and it threw off the results.
Then I found this… https://forums.comodo.com/empty-t61715.0.html
and after following the instructions on how to clean up any rules that were made the first time I ran the test, as well as how to delete the Internet Explorer (IE) browsing history cache, I got a perfect score.
It might help to also run CCleaner to clean up any left over temp files.
Run CLT*. If you get an alert from the antivirus, click “ignore” and then “Add to trusted files” (the antivirus is alerting you that a leak test application has been launched [it’s flagged as “Application.Win32.LeakTest…”]; it is not saying that the file is malicious).
The first alert that appears should be a defense+ alert that says “explorer.exe is a safe application. However, the executable clt.exe could not be recognized…” For this alert, make sure that “remember my answer” is unchecked, and then click allow.
The CLT program window should appear. Click the “Test” button in CLT and, from this point onward, click “block” when a CIS alert appears.
I tried this but it would not run on Win 7. May be I will test it later on XP.
and fails even in Procx test look at http://www.testmypcsecurity.com/securitytests/procx.htmland
Tested on Win 7 and it could not terminate other programs sandboxed or when sandbox disabled. In the latter case I would get a D+ alert.
fails even in browser test look at http://www.pcflank.com/browser_test1.htm and at http://www.pcflank.com/browser_test3.htm can you resolve this security issue with a update ?
Referrer logging and cookies are things you can handle with your browser. CIS does not handle those.