COMODO Leak Test Suite Updated Version

[egemen]

Hi Guys,

We have updated the Leak Test Suite. The purpose of this update is to fix the incorrect scores. There was a bug in CLT which was causing wrong results to be produced.

The updated version will be available in the web site possibly on Monday. But you can download it now from the attachment.

Cheers,
egemen

[Mod Edit By Chiron]
Please note that this leaktest was not designed to work with the Sandbox. Thus any results you get while running it in the sandbox should be considered very unreliable. It is not a good test for the more recent version of Comodo Firewall.

Mod Edit By Futuretech: Re-attached CLT.zip

[Ragwing]

It now fails Hijacking : StartupPrograms with CIS 3.5.54375.427 with Defense+ in Paranoid Mode and the firewall in Custom Policy Mode. I'm using Windows XP SP3 without any security software except for CIS (and yes, I blocked everything). I got 250/340 this time on a limited user account without any protection (compared to 240 last time).
I do have one question about Active Desktop. It's says I'm vulnerable, however, the HTML-file required for Active Desktop can't be found. I get an error message like this (translated from Swedish to English):

Unable to find the HTML-file for Active Desktop. This file is required to use Active Desktop.

Click OK to disable Active Desktop.

It's obviously trying to use Active Desktop, but it fails, so how come I'm vulnerable?

[loverboy]

340/340  (L) on XP Home SP3
ProActive Security
FW Custom Policy Mode
D+ Clean PC Mode

The only thing that doesn't work is the "question mark" button (?) on the Bottom Left

*EDIT*
It works... my mistake (I blocked it)

[John Buchanan]

340/340
Proactive Security
FW Safe Mode
D+ Safe Mode

[loverboy]

The only suggestion I would like to propose (from a tutorial point of view) is merging the information contained into clt.html into the CLT screen, test by test, so that while running the tests you also learn something.

[John Buchanan]

An interesting suggestion, Hullboy.

[prandi63]

Hye guys ,
i did try this test and my score is 30/340 and i think is very low score.
On pcflank and shields up all test are right and i feel surprice i have this score.
I would like get better result and get feeling a savely laptop
Well,i have no knowledge about firewall and setting but by default i have :

FW = Costum Policy Mode (Very high)
D+ = Paranoid Mode

What i have to do
Any help will be appreciated

Regards
prandi63

[attachment deleted by admin]

[DarkButterfly]

340/340

One issue: My results did not appear in IE. I blocked everything I had to block just as I did in the previous test suite.

[Kyle]

Hye guys ,
i did try this test and my score is 30/340 and i think is very low score.
On pcflank and shields up all test are right and i feel surprice i have this score.
I would like get better result and get feeling a savely laptop
Well,i have no knowledge about firewall and setting but by default i have :

FW = Costum Policy Mode (Very high)
D+ = Paranoid Mode

What i have to do
Any help will be appreciated

Regards
prandi63

Hello, GRC Shields up is an  INBOUND test that see's if your computer responds to it's pings, CLT tests different methods of outbound and hips tests.

[John Buchanan]

Remove any firewall rules that may have been created for the leak test.
Place CIS in Proactive Defense -> right-click the icon, select Configuration/Comodo - Proactive Security.
Block everyhing.
While testing the products, you might see some internet explorer windows opened.
Until the tests are finished, DO NOT close them manually.
Otherwise you might get wrong results.
Vista x64 If you fail test 7, UserInit, add
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon*
to D+ My Protected Registry Keys.

[prandi63]

Hye,
i did make something wrong because i got my laptop out off control (authorization message) so i need to format OS HD and 3 day to install all .
Sorry but i am getting in confusing , just to try to clear about configuration...
Rules i have to write down on Internet Security but for this test i have to change in Proactive Security.
What it means ??
Is Cis using all setting in ones or depending off configuration it's works ??
Still 30/340 my result

Regards
prandi63

[DarkButterfly]

Hye,
i did make something wrong because i got my laptop out off control (authorization message) so i need to format OS HD and 3 day to install all .
Sorry but i am getting in confusing , just to try to clear about configuration...
Rules i have to write down on Internet Security but for this test i have to change in Proactive Security.
What it means ??
Is Cis using all setting in ones or depending off configuration it's works ??
Still 30/340 my result

Regards
prandi63

By default, CIS (more specifically Defense+) comes crippled. How? Defense+ is not installed with full protection. The best thing to do is, after you install it, right click with your mouse over the CIS icon, then Configuration - Comodo Proactive Security.

Now, do you need to reformat your machine just because of the test?

[prandi63]

Hye ,
i had to reformat HD because i cannot use laptop ,
everything i do i get ''no authoritazion allowed'' or another message i don't remember.
It start after i did something wrong with proactive set.
You sayd i have to write all rules on this configuration

OK , i will do as soon as i need to off my laptop

Regards
prandi63

[DarkTemple]

I ran the test and I failed on 2 test:

1 test I resolved by adding HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon* as John suggested.

Can anyone tell me how to pass also the test

4. Hijacking: StartupPrograms Vulnerable

Thanks.

BTW system is Vista 64 bit

[prandi63]

Hye ,
here is my final test :

set =proactive security
FW = custom policy mode - very high (alert)
D+ = paranoid mode


COMODO LEAKTESTS V.1.1.0.3
Date   17.36.41 - 18/11/2008

OS   Windows XP SP3 build 2600

1. RootkitInstallation: MissingDriverLoad   Protected
2. RootkitInstallation: LoadAndCallImage   Vulnerable
3. RootkitInstallation: DriverSupersede   Vulnerable
4. RootkitInstallation: ChangeDrvPath   Vulnerable
5. Invasion: Runner   Vulnerable
6. Invasion: RawDisk   Vulnerable
7. Invasion: PhysicalMemory   Vulnerable
8. Invasion: FileDrop   Vulnerable
9. Invasion: DebugControl   Vulnerable
10. Injection: SetWinEventHook   Vulnerable
11. Injection: SetWindowsHookEx   Vulnerable
12. Injection: SetThreadContext   Vulnerable
13. Injection: Services   Vulnerable
14. Injection: ProcessInject   Vulnerable
15. Injection: KnownDlls   Vulnerable
16. Injection: DupHandles   Vulnerable
17. Injection: CreateRemoteThread   Vulnerable
18. Injection: APC dll injection   Vulnerable
19. Injection: AdvancedProcessTermination   Vulnerable
20. InfoSend: ICMP Test   Protected
21. InfoSend: DNS Test   Protected
22. Impersonation: OLE automation   Vulnerable
23. Impersonation: ExplorerAsParent   Vulnerable
24. Impersonation: DDE   Vulnerable
25. Impersonation: Coat   Vulnerable
26. Impersonation: BITS   Vulnerable
27. Hijacking: WinlogonNotify   Vulnerable
28. Hijacking: Userinit   Vulnerable
29. Hijacking: UIHost   Vulnerable
30. Hijacking: SupersedeServiceDll   Vulnerable
31. Hijacking: StartupPrograms   Vulnerable
32. Hijacking: ChangeDebuggerPath   Vulnerable
33. Hijacking: AppinitDlls   Vulnerable
34. Hijacking: ActiveDesktop   Vulnerable
Score   30/340

Final result = 30 / 340

Why i have so low result

Any helping will be appreciate

Regards
prandi63