Author Topic: COMODO Leak Test Suite Updated Version  (Read 232970 times)

Offline egemen

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3380
COMODO Leak Test Suite Updated Version
« on: November 14, 2008, 02:18:05 PM »
Hi Guys,

We have updated the Leak Test Suite. The purpose of this update is to fix the incorrect scores. There was a bug in CLT which was causing wrong results to be produced.

The updated version will be available in the web site possibly on Monday. But you can download it now from the attachment.

Cheers,
egemen

[Mod Edit By Chiron]
Please note that this leaktest was not designed to work with the Sandbox. Thus any results you get while running it in the sandbox should be considered very unreliable. It is not a good test for the more recent version of Comodo Firewall.


Mod Edit By Futuretech: Re-attached CLT.zip
« Last Edit: April 08, 2017, 09:56:59 AM by futuretech »

Offline Ragwing

  • Comodo's Hero
  • *****
  • Posts: 3498
Re: COMODO Leak Test Suite Updated Version
« Reply #1 on: November 14, 2008, 02:39:28 PM »
It now fails Hijacking : StartupPrograms with CIS 3.5.54375.427 with Defense+ in Paranoid Mode and the firewall in Custom Policy Mode. I'm using Windows XP SP3 without any security software except for CIS (and yes, I blocked everything). I got 250/340 this time on a limited user account without any protection (compared to 240 last time).
I do have one question about Active Desktop. It's says I'm vulnerable, however, the HTML-file required for Active Desktop can't be found. I get an error message like this (translated from Swedish to English):
Quote
Unable to find the HTML-file for Active Desktop. This file is required to use Active Desktop.

Click OK to disable Active Desktop.

It's obviously trying to use Active Desktop, but it fails, so how come I'm vulnerable?

Offline loverboy

  • Comodo's Hero
  • *****
  • Posts: 427
Re: COMODO Leak Test Suite Updated Version
« Reply #2 on: November 14, 2008, 02:45:49 PM »
340/340  (L) on XP Home SP3
ProActive Security
FW Custom Policy Mode
D+ Clean PC Mode

The only thing that doesn't work is the "question mark" button (?) on the Bottom Left :-\

*EDIT*
It works... my mistake (I blocked it)
« Last Edit: November 14, 2008, 03:26:00 PM by hullboy »
Windows 7 Home Premium 64bit SP1
NOD32 Antivirus 8.0.319.0
COMODO CIS 8.4.0.5165
Configuration: Proactive Security
Firewall: Custom Ruleset
HIPS: Clean PC Mode
Auto-Sandbox: Disabled

Offline John Buchanan

  • "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well armed lamb contesting the outcome of the vote." ~ Benjamin Franklin
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6573
  • Personal Dragons can be defeated. Improve yourself
Re: COMODO Leak Test Suite Updated Version
« Reply #3 on: November 14, 2008, 03:19:10 PM »
340/340
Proactive Security
FW Safe Mode
D+ Safe Mode
Please follow Comodo Forum Policy

Bah! Ban 'em all! The only good member is a banned member
And a member is just a policy violator who hasn't been caught yet. >:-D

Offline loverboy

  • Comodo's Hero
  • *****
  • Posts: 427
Re: COMODO Leak Test Suite Updated Version
« Reply #4 on: November 14, 2008, 03:28:52 PM »
The only suggestion I would like to propose (from a tutorial point of view) is merging the information contained into clt.html into the CLT screen, test by test, so that while running the tests you also learn something.
Windows 7 Home Premium 64bit SP1
NOD32 Antivirus 8.0.319.0
COMODO CIS 8.4.0.5165
Configuration: Proactive Security
Firewall: Custom Ruleset
HIPS: Clean PC Mode
Auto-Sandbox: Disabled

Offline John Buchanan

  • "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well armed lamb contesting the outcome of the vote." ~ Benjamin Franklin
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6573
  • Personal Dragons can be defeated. Improve yourself
Re: COMODO Leak Test Suite Updated Version
« Reply #5 on: November 15, 2008, 12:26:42 AM »
An interesting suggestion, Hullboy.
Please follow Comodo Forum Policy

Bah! Ban 'em all! The only good member is a banned member
And a member is just a policy violator who hasn't been caught yet. >:-D

Offline prandi63

  • Computer Security Testing Group
  • Comodo Family Member
  • *****
  • Posts: 93
Re: COMODO Leak Test Suite Updated Version
« Reply #6 on: November 15, 2008, 07:10:19 AM »
Hye guys ,
i did try this test and my score is 30/340 and i think is very low score.
On pcflank and shields up all test are right and i feel surprice i have this score.
I would like get better result and get feeling a savely laptop
Well,i have no knowledge about firewall and setting but by default i have :

FW = Costum Policy Mode (Very high)
D+ = Paranoid Mode

What i have to do ???
Any help will be appreciated

Regards
prandi63

[attachment deleted by admin]
« Last Edit: November 15, 2008, 07:32:11 AM by prandi63 »

DarkButterfly

  • Guest
Re: COMODO Leak Test Suite Updated Version
« Reply #7 on: November 15, 2008, 08:14:54 AM »
340/340

One issue: My results did not appear in IE. I blocked everything I had to block just as I did in the previous test suite.

Offline Kyle

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 3679
Re: COMODO Leak Test Suite Updated Version
« Reply #8 on: November 15, 2008, 09:25:48 AM »
Hye guys ,
i did try this test and my score is 30/340 and i think is very low score.
On pcflank and shields up all test are right and i feel surprice i have this score.
I would like get better result and get feeling a savely laptop
Well,i have no knowledge about firewall and setting but by default i have :

FW = Costum Policy Mode (Very high)
D+ = Paranoid Mode

What i have to do ???
Any help will be appreciated

Regards
prandi63

Hello, GRC Shields up is an  INBOUND test that see's if your computer responds to it's pings, CLT tests different methods of outbound and hips tests.
Windows 7 x64
AMD FX 8120, 8gb ram, ATI 6870 1gb

Offline John Buchanan

  • "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well armed lamb contesting the outcome of the vote." ~ Benjamin Franklin
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6573
  • Personal Dragons can be defeated. Improve yourself
Re: COMODO Leak Test Suite Updated Version
« Reply #9 on: November 15, 2008, 09:43:41 AM »
Remove any firewall rules that may have been created for the leak test.
Place CIS in Proactive Defense -> right-click the icon, select Configuration/Comodo - Proactive Security.
Block everyhing.
While testing the products, you might see some internet explorer windows opened.
Until the tests are finished, DO NOT close them manually.
Otherwise you might get wrong results.
Vista x64 If you fail test 7, UserInit, add
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon*
to D+ My Protected Registry Keys.
Please follow Comodo Forum Policy

Bah! Ban 'em all! The only good member is a banned member
And a member is just a policy violator who hasn't been caught yet. >:-D

Offline prandi63

  • Computer Security Testing Group
  • Comodo Family Member
  • *****
  • Posts: 93
Re: COMODO Leak Test Suite Updated Version
« Reply #10 on: November 16, 2008, 06:21:25 AM »
Hye,
i did make something wrong because i got my laptop out off control (authorization message) so i need to format OS HD and 3 day to install all .
Sorry but i am getting in confusing , just to try to clear about configuration...
Rules i have to write down on Internet Security but for this test i have to change in Proactive Security.
What it means ??
Is Cis using all setting in ones or depending off configuration it's works ??
Still 30/340 my result

Regards
prandi63

DarkButterfly

  • Guest
Re: COMODO Leak Test Suite Updated Version
« Reply #11 on: November 16, 2008, 06:40:58 AM »
Hye,
i did make something wrong because i got my laptop out off control (authorization message) so i need to format OS HD and 3 day to install all .
Sorry but i am getting in confusing , just to try to clear about configuration...
Rules i have to write down on Internet Security but for this test i have to change in Proactive Security.
What it means ??
Is Cis using all setting in ones or depending off configuration it's works ??
Still 30/340 my result

Regards
prandi63

By default, CIS (more specifically Defense+) comes crippled. How? Defense+ is not installed with full protection. The best thing to do is, after you install it, right click with your mouse over the CIS icon, then Configuration - Comodo Proactive Security.

Now, do you need to reformat your machine just because of the test?

Offline prandi63

  • Computer Security Testing Group
  • Comodo Family Member
  • *****
  • Posts: 93
Re: COMODO Leak Test Suite Updated Version
« Reply #12 on: November 16, 2008, 06:26:42 PM »
Hye ,
i had to reformat HD because i cannot use laptop ,
everything i do i get ''no authoritazion allowed'' or another message i don't remember.
It start after i did something wrong with proactive set.
You sayd i have to write all rules on this configuration ???

OK , i will do as soon as i need to off my laptop

Regards
prandi63

Offline DarkTemple

  • Newbie
  • *
  • Posts: 2
Re: COMODO Leak Test Suite Updated Version
« Reply #13 on: November 17, 2008, 02:59:40 AM »
I ran the test and I failed on 2 test:

1 test I resolved by adding HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon* as John suggested.

Can anyone tell me how to pass also the test

4. Hijacking: StartupPrograms Vulnerable

Thanks.

BTW system is Vista 64 bit
« Last Edit: November 17, 2008, 01:52:00 PM by DarkTemple »

Offline prandi63

  • Computer Security Testing Group
  • Comodo Family Member
  • *****
  • Posts: 93
Re: COMODO Leak Test Suite Updated Version
« Reply #14 on: November 17, 2008, 08:16:36 AM »
Hye ,
here is my final test :

set =proactive security
FW = custom policy mode - very high (alert)
D+ = paranoid mode


COMODO LEAKTESTS V.1.1.0.3
Date   17.36.41 - 18/11/2008

OS   Windows XP SP3 build 2600

1. RootkitInstallation: MissingDriverLoad   Protected
2. RootkitInstallation: LoadAndCallImage   Vulnerable
3. RootkitInstallation: DriverSupersede   Vulnerable
4. RootkitInstallation: ChangeDrvPath   Vulnerable
5. Invasion: Runner   Vulnerable
6. Invasion: RawDisk   Vulnerable
7. Invasion: PhysicalMemory   Vulnerable
8. Invasion: FileDrop   Vulnerable
9. Invasion: DebugControl   Vulnerable
10. Injection: SetWinEventHook   Vulnerable
11. Injection: SetWindowsHookEx   Vulnerable
12. Injection: SetThreadContext   Vulnerable
13. Injection: Services   Vulnerable
14. Injection: ProcessInject   Vulnerable
15. Injection: KnownDlls   Vulnerable
16. Injection: DupHandles   Vulnerable
17. Injection: CreateRemoteThread   Vulnerable
18. Injection: APC dll injection   Vulnerable
19. Injection: AdvancedProcessTermination   Vulnerable
20. InfoSend: ICMP Test   Protected
21. InfoSend: DNS Test   Protected
22. Impersonation: OLE automation   Vulnerable
23. Impersonation: ExplorerAsParent   Vulnerable
24. Impersonation: DDE   Vulnerable
25. Impersonation: Coat   Vulnerable
26. Impersonation: BITS   Vulnerable
27. Hijacking: WinlogonNotify   Vulnerable
28. Hijacking: Userinit   Vulnerable
29. Hijacking: UIHost   Vulnerable
30. Hijacking: SupersedeServiceDll   Vulnerable
31. Hijacking: StartupPrograms   Vulnerable
32. Hijacking: ChangeDebuggerPath   Vulnerable
33. Hijacking: AppinitDlls   Vulnerable
34. Hijacking: ActiveDesktop   Vulnerable
Score   30/340

Final result = 30 / 340

Why i have so low result ???

Any helping will be appreciate

Regards
prandi63

« Last Edit: November 18, 2008, 11:42:31 AM by prandi63 »

 

Seo4Smf 2.0 © SmfMod.Com Smf Destek