Author Topic: COMODO Leak Test Suite Updated Version  (Read 290403 times)

Offline SivaSuresh

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1377
  • Avert the danger that has not yet come
Re: COMODO Leak Test Suite Updated Version
« Reply #135 on: March 13, 2012, 01:40:40 AM »
the only alert you should allow is the first one which says explorer.exe is trying to execute clt.exe. then block the rest of the alerts. (if you have the sandbox disabled)

no clt is not made to test the sandbox it is meant to test the firewall and defense +. have you tried following the advice given in this article to get accurate leak test results?
Thanks for the suggestion.

I followed the post. Now I get 340/340. :-TU
My only mistake was I left Sandbox enabled (that was the default of course) :(

Now I am enabling again (I need sandbox, don't I ?) ;D
with love Siva Suresh
|| Windows7 x64 | CIS 10 | Firefox | Thunderbird | CCleaner | Evernote | PStart | UltraCopier | Dropbox | TeamViewer | Screenshot Captor ||
|| AMD Phenom II x4 955B | ASUS M4A88TD | 8GB DDR3 RAM | 240GB Sandisk SSD  || 6TB SATA II HDD 6Gb/s

Offline wasgij6

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5717
Re: COMODO Leak Test Suite Updated Version
« Reply #136 on: March 13, 2012, 01:46:49 AM »
Thanks for the suggestion.

I followed the post. Now I get 340/340. :-TU
My only mistake was I left Sandbox enabled (that was the default of course) :(

Now I am enabling again (I need sandbox, don't I ?) ;D

no problem, good to hear that you fixed the problem.

Do you need the sanbox?
Depends on how you want cis to act. if you want less alerts and dont mind things getting sandboxed, you can leave it enabled. Or if your like me you can disabled it. i would rather see the alerts and know if the app is safe i can give the file/app the proper rights then later submit it to be whitelisted.
| Win 10 Pro (x64) | UAC Disabled | CCAV | Intel i7 4770k | Asus Maximus VI Formula Mobo | Asus GeForce GTX 780 | G.Skill TridentX 32gb RAM | Samsung 850 Pro SSD |

Offline SivaSuresh

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1377
  • Avert the danger that has not yet come
Re: COMODO Leak Test Suite Updated Version
« Reply #137 on: March 13, 2012, 02:06:15 AM »
no problem, good to hear that you fixed the problem.

Do you need the sanbox?
Depends on how you want cis to act. if you want less alerts and dont mind things getting sandboxed, you can leave it enabled. Or if your like me you can disabled it. i would rather see the alerts and know if the app is safe i can give the file/app the proper rights then later submit it to be whitelisted.
That suits more to me too, only if I am the only user on the system.  :-TU
Unfortunately that is not my case. Many other people including children use my system.
So I definitely need the Sandbox. ;)
with love Siva Suresh
|| Windows7 x64 | CIS 10 | Firefox | Thunderbird | CCleaner | Evernote | PStart | UltraCopier | Dropbox | TeamViewer | Screenshot Captor ||
|| AMD Phenom II x4 955B | ASUS M4A88TD | 8GB DDR3 RAM | 240GB Sandisk SSD  || 6TB SATA II HDD 6Gb/s

Offline wasgij6

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5717
Re: COMODO Leak Test Suite Updated Version
« Reply #138 on: March 13, 2012, 02:40:29 AM »
That suits more to me too, only if I am the only user on the system.  :-TU
Unfortunately that is not my case. Many other people including children use my system.
So I definitely need the Sandbox. ;)

ya in your case i would keep the sandbox enabled.
| Win 10 Pro (x64) | UAC Disabled | CCAV | Intel i7 4770k | Asus Maximus VI Formula Mobo | Asus GeForce GTX 780 | G.Skill TridentX 32gb RAM | Samsung 850 Pro SSD |

Offline loverboy

  • Comodo's Hero
  • *****
  • Posts: 427
Re: COMODO Leak Test Suite Updated Version
« Reply #139 on: April 09, 2012, 01:30:58 PM »
Is it possible to have an updated leak test, with tests exploiting 64bit Windows 7?
Windows 7 Home Premium 64bit SP1
NOD32 Antivirus 8.0.319.0
COMODO CIS 8.4.0.5165
Configuration: Proactive Security
Firewall: Custom Ruleset
HIPS: Clean PC Mode
Auto-Sandbox: Disabled

Offline SivaSuresh

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1377
  • Avert the danger that has not yet come
Re: COMODO Leak Test Suite Updated Version
« Reply #140 on: April 09, 2012, 10:23:09 PM »
Is it possible to have an updated leak test, with tests exploiting 64bit Windows 7?
I would also like to know the same...
with love Siva Suresh
|| Windows7 x64 | CIS 10 | Firefox | Thunderbird | CCleaner | Evernote | PStart | UltraCopier | Dropbox | TeamViewer | Screenshot Captor ||
|| AMD Phenom II x4 955B | ASUS M4A88TD | 8GB DDR3 RAM | 240GB Sandisk SSD  || 6TB SATA II HDD 6Gb/s

Offline military

  • Comodo's Hero
  • *****
  • Posts: 753
    • comss.ru
Re: COMODO Leak Test Suite Updated Version
« Reply #141 on: July 04, 2012, 02:16:39 AM »
SpyShelter Firewall 1.0
Oracle VM VBox
Win 7Ultimate x64

 it is possible? 350/340  ???
Мужество, спокойствие и доверие.

Offline christos

  • Newbie
  • *
  • Posts: 1
Re: COMODO Leak Test Suite Updated Version
« Reply #142 on: August 26, 2012, 07:35:22 PM »
COMODO Leaktests v.1.1.0.3
 
Date 00:32:50 - 27/08/2012
 
OS Windows Vista SP1 build 7601
 
1. RootkitInstallation: MissingDriverLoad Protected
2. RootkitInstallation: LoadAndCallImage Protected
3. RootkitInstallation: DriverSupersede Protected
4. RootkitInstallation: ChangeDrvPath Vulnerable
5. Invasion: Runner Protected
6. Invasion: RawDisk Vulnerable
7. Invasion: PhysicalMemory Protected
8. Invasion: FileDrop Vulnerable
9. Invasion: DebugControl Protected
10. Injection: SetWinEventHook Vulnerable
11. Injection: SetWindowsHookEx Vulnerable
12. Injection: SetThreadContext Protected
13. Injection: Services Vulnerable
14. Injection: ProcessInject Protected
15. Injection: KnownDlls Vulnerable
16. Injection: DupHandles Protected
17. Injection: CreateRemoteThread Protected
18. Injection: APC dll injection Protected
19. Injection: AdvancedProcessTermination Protected
20. InfoSend: ICMP Test Protected
21. InfoSend: DNS Test Vulnerable
22. Impersonation: OLE automation Protected
23. Impersonation: ExplorerAsParent Vulnerable
24. Impersonation: DDE Vulnerable
25. Impersonation: Coat Vulnerable
26. Impersonation: BITS Protected
27. Hijacking: WinlogonNotify Protected
28. Hijacking: Userinit Vulnerable
29. Hijacking: UIHost Protected
30. Hijacking: SupersedeServiceDll Vulnerable
31. Hijacking: StartupPrograms Vulnerable
32. Hijacking: ChangeDebuggerPath Protected
33. Hijacking: AppinitDlls Vulnerable
34. Hijacking: ActiveDesktop Protected
Score 190/340
 
I'm using Windows 7!

Offline Citizen K

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 26198
Re: COMODO Leak Test Suite Updated Version
« Reply #143 on: August 26, 2012, 07:41:10 PM »
Please follow the instructions in Getting Accurate Leak Test Results.

I's important to follow them as the leaktest was meant to test a HIPS only solution and not a HIPS/sandbox combination.

Offline bens09

  • Newbie
  • *
  • Posts: 6
Impersonation: ExplorerAsParent Vulnerable
« Reply #144 on: August 27, 2012, 06:38:50 AM »
Hello,

I used the CLT utility many times while applying different configuration. When I execute the program, defense plus suggest me to sandbox it so I do it. In proactive mode, the CLT.exe sandboxed as partially limited, everything is protected besides Impersonation: ExplorerAsParent. An internet explorer window opens when this test is initiated. Could you please help me? Can I protect this and make it invulnerable?

Thanks!

[attachment deleted by admin]

Offline bzrwon

  • Newbie
  • *
  • Posts: 24
Re: COMODO Leak Test Suite Updated Version
« Reply #145 on: April 01, 2013, 03:18:01 AM »
First up I must say congrats on CIS 2013, so far I'm very impressed with it, esp the FW, when tweaked this thing rejects pretty much everything I throw at it, that been said like many others, I was wondering if there are any plans to update the Comodo Leak test and or a version for 64 bit and or Windows 8? Also there needs to be an updated version of Getting Accurate Results, as it's currently only for CIS v5, some of those steps don't or can't be applied in v6 and no matter what I do I can only get a max of 310/340 in sandbox mode with Win 8 64 bit:
10. Injection: SetWinEventHook   Vulnerable
11. Injection: SetWindowsHookEx   Vulnerable
24. Impersonation: DDE           Vulnerable

Obviously if I allow it, I only get a dismal190/340 but I'm not too fussed with these test results as I've tried most of the other leak tests out their and it stops them dead in their tracks and if you run MBAM alongside it, what ever (if any) CIS misses it usually blocks and or quarantines, add running browsers in sandbox mode and it doesn't really faze me that the tests aren't perfect, esp on a Win 8 64 bit box but still an updated leak test and or how to guide would be peace of mind, I know I'm not the only one who thinks this, other than that, keep up the good work :)

Offline malwarekiller

  • Comodo Loves me
  • ****
  • Posts: 194
Re: COMODO Leak Test Suite Updated Version
« Reply #146 on: June 07, 2013, 07:12:04 AM »
Running CIS v6.1 latest version fully updated and its completely default settings.

I cant get the test to run...I click isolate and then click test when the window appears and the test isnt doing anything I can a 0/0 as score despite clicking the test button a no. of times.  :o

Offline 23

  • Comodo's Hero
  • *****
  • Posts: 448
Re: COMODO Leak Test Suite Updated Version
« Reply #147 on: November 30, 2016, 12:44:34 PM »
What happened with CLT? Download links don't work anymore.

Offline JoWa

  • Humanist
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6438
  • I believe in doubt.
    • Evolutionary history of life
Re: COMODO Leak Test Suite Updated Version
« Reply #148 on: June 28, 2017, 01:30:07 PM »
I ran CLT 1.1.0.3 on Windows 10 (1703) 64-bit. No third-party security software.

Administrator: 220/340
4. RootkitInstallation: ChangeDrvPath   Vulnerable
6. Invasion: RawDisk   Vulnerable
8. Invasion: FileDrop   Vulnerable
10. Injection: SetWinEventHook   Vulnerable
11. Injection: SetWindowsHookEx   Vulnerable
13. Injection: Services   Vulnerable
21. InfoSend: DNS Test   Vulnerable
24. Impersonation: DDE   Vulnerable
25. Impersonation: Coat   Vulnerable
30. Hijacking: SupersedeServiceDll   Vulnerable
31. Hijacking: StartupPrograms   Vulnerable
33. Hijacking: AppinitDlls   Vulnerable

User: 290/340
10. Injection: SetWinEventHook   Vulnerable
11. Injection: SetWindowsHookEx   Vulnerable
21. InfoSend: DNS Test   Vulnerable
24. Impersonation: DDE   Vulnerable
25. Impersonation: Coat   Vulnerable

User at low integrity level: 310/340
10. Injection: SetWinEventHook   Vulnerable
11. Injection: SetWindowsHookEx   Vulnerable
21. InfoSend: DNS Test   Vulnerable
Ubuntu 21.04 | Firefox 90β | HTTPS Only Mode | Privacy Badger
Forum Policy | Comodo Product Help

Offline qmarius

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 3843
  • making simple things complicated
Re: COMODO Leak Test Suite Updated Version
« Reply #149 on: June 29, 2017, 03:06:39 PM »
That's interesting, JoWa. I was expecting something like that. Curious to see if anyone else gets same score.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek