Author Topic: COMODO Leak Test Suite Updated Version  (Read 232863 times)

Offline samahita

  • Newbie
  • *
  • Posts: 2
Get 310/340 with new CLT test. 3 fails.
« Reply #15 on: November 18, 2008, 11:21:10 PM »
Get 310/340 with new test. These 3 fails.
6. Invasion: RawDisk   Vulnerable
8. Invasion: FileDrop   Vulnerable
15. Injection: KnownDlls   Vulnerable
Firewall safe mode
Defense+ sage mode

Any ideas or comments on how to achieve 340/340 security?

Offline samahita

  • Newbie
  • *
  • Posts: 2
Re: COMODO Leak Test Suite Updated Version
« Reply #16 on: November 18, 2008, 11:50:14 PM »
Now get 340/340 with XP SP3
Firewall = safe mode
Defense+ = safe mode
AND NOW
Configuration = Proactive security
 (R)  (L)

Offline Ya5h Kh4n

  • Comodo's Hero
  • *****
  • Posts: 5124
Re: COMODO Leak Test Suite Updated Version
« Reply #17 on: November 20, 2008, 06:55:21 AM »
COMODO Leaktests v.1.1.0.3
 
Date 5:10:31 PM - 11/20/2008
 
OS Windows XP SP3 build 2600

pc tools firewall plus  4.0.0.45 with default setting 170/340 ( pretty good score without hips. with hips enabled i.e threatfire, it blocked full test 340/340
 
1. RootkitInstallation: MissingDriverLoad Protected
2. RootkitInstallation: LoadAndCallImage Vulnerable
3. RootkitInstallation: DriverSupersede Vulnerable
4. RootkitInstallation: ChangeDrvPath Vulnerable
5. Invasion: Runner Protected
6. Invasion: RawDisk Vulnerable
7. Invasion: PhysicalMemory Protected
8. Invasion: FileDrop Vulnerable
9. Invasion: DebugControl Vulnerable
10. Injection: SetWinEventHook Protected
11. Injection: SetWindowsHookEx Protected
12. Injection: SetThreadContext Protected
13. Injection: Services Vulnerable
14. Injection: ProcessInject Protected
15. Injection: KnownDlls Vulnerable
16. Injection: DupHandles Protected
17. Injection: CreateRemoteThread Protected
18. Injection: APC dll injection Protected
19. Injection: AdvancedProcessTermination Vulnerable
20. InfoSend: ICMP Test Protected
21. InfoSend: DNS Test Protected
22. Impersonation: OLE automation Protected
23. Impersonation: ExplorerAsParent Protected
24. Impersonation: DDE Protected
25. Impersonation: Coat Protected
26. Impersonation: BITS Vulnerable
27. Hijacking: WinlogonNotify Vulnerable
28. Hijacking: Userinit Vulnerable
29. Hijacking: UIHost Vulnerable
30. Hijacking: SupersedeServiceDll Vulnerable
31. Hijacking: StartupPrograms Vulnerable
32. Hijacking: ChangeDebuggerPath Vulnerable
33. Hijacking: AppinitDlls Vulnerable
34. Hijacking: ActiveDesktop Protected
Score 170/340
 

(C) COMODO 2008
;)Its hard to find the right ones when the wrong ones are so sexy;)

Offline Jahn

  • Comodo's Hero
  • *****
  • Posts: 263
Re: COMODO Leak Test Suite Updated Version
« Reply #18 on: November 20, 2008, 08:55:03 PM »
340/340 on XP Home SP2 :-TU

Comodo Proactive Security
Firewall - Safe Mode
Defense+ - Safe Mode

 
(V)
Proud Comodo user since 2006 :)

Offline Ya5h Kh4n

  • Comodo's Hero
  • *****
  • Posts: 5124
Re: COMODO Leak Test Suite Updated Version
« Reply #19 on: November 21, 2008, 03:33:01 AM »
what kinda default settings are these-------

here is my leak test results with CIS latest version, default settings------ 50/340. (each and every pop ups blocked during tests).

Mr. Melih, CIS with default settings is a threat for majority of users i.e 70-80% users who use default settings. default settings should be decent and effective coz majority of users rely on default settings. 50/340 dont you think these default settings needs a lot of improvements. wot say guyz !!!!!!!

;)Its hard to find the right ones when the wrong ones are so sexy;)

Offline ganda

  • thermodynamic defier
  • Comodo's Hero
  • *****
  • Posts: 5896
Re: COMODO Leak Test Suite Updated Version
« Reply #20 on: November 22, 2008, 02:13:56 AM »
what kinda default settings are these-------

here is my leak test results with CIS latest version, default settings------ 50/340. (each and every pop ups blocked during tests).

Mr. Melih, CIS with default settings is a threat for majority of users i.e 70-80% users who use default settings. default settings should be decent and effective coz majority of users rely on default settings. 50/340 dont you think these default settings needs a lot of improvements. wot say guyz !!!!!!!


huh ??? i've read some ppl didn't get max score with default setting, but 50/340 ???

Offline prandi63

  • Computer Security Testing Group
  • Comodo Family Member
  • *****
  • Posts: 93
Re: COMODO Leak Test Suite Updated Version
« Reply #21 on: November 22, 2008, 06:33:16 AM »
Hye,
50/340 ???
i wish i could get this score, i have only 30/340 and it is about 1 week i ask anywhere i can get better score.....
For this test,i trying to do some change myself,result ???
I need to format my os hd once(2 days spending off installing about 60 programs) and i unistall and reinstall(cleaning regedit all the time between operation) about now 7 times,score is always the same
Maybe cause off this result it is a have a USB modem plug in and i don't use lan but ordinary usb adsl.
I am really dissapoint about this..and i feel to try another firewall that in my case offer me better protection
Regards
prandi63
 

DarkButterfly

  • Guest
Re: COMODO Leak Test Suite Updated Version
« Reply #22 on: November 22, 2008, 07:05:02 AM »
huh ??? i've read some ppl didn't get max score with default setting, but 50/340 ???

The user has got a point, though. CIS's default settings should provide a stong protection for the average user who has no idea how to answer to all those alerts in Safe Mode or even in Paranoid Mode. They would freak out!!!! And with a good reason.

Most of security suites and other security apps offer a great protection with default settings, but seems not to be the case with CIS.

I really would like to see, in this case, Defense+, to offer a very strong protection without freaking out users. Why not, perhaps, rebuild Defense+ from scratch so that it will be a mixture of HIPS and Behavior Blocker (without user interaction), so that most users can have D+ with default settings? And when I mean default settings, I mean all the main settings of Defense+, just not as much as intrusive as it is right now.

(I will be testing BitDefender Total Security later without both Default and Advanced settings. I have a legal license!!! Be grumpy! Call me greedy!!! ;) I got it from BitDefender when I beta tested their software. Cool!!! Will see how it performs.)

Offline gibran

  • Average User
  • Comodo's Hero
  • *****
  • Posts: 5056
  • A bad workman always blames his tools
Re: COMODO Leak Test Suite Updated Version
« Reply #23 on: November 23, 2008, 08:52:53 AM »
what kinda default settings are these-------

here is my leak test results with CIS latest version, default settings------ 50/340. (each and every pop ups blocked during tests).

Mr. Melih, CIS with default settings is a threat for majority of users i.e 70-80% users who use default settings. default settings should be decent and effective coz majority of users rely on default settings. 50/340 dont you think these default settings needs a lot of improvements. wot say guyz !!!!!!!



CIS latest version with default setting reach 320/340.
"In the beginning the Universe was created. This has made a lot of people very angry and has been widely regarded as a bad move."- Douglas Adams

Offline gibran

  • Average User
  • Comodo's Hero
  • *****
  • Posts: 5056
  • A bad workman always blames his tools
Re: COMODO Leak Test Suite Updated Version
« Reply #24 on: November 23, 2008, 08:55:22 AM »
Hye,
50/340 ???
i wish i could get this score, i have only 30/340 and it is about 1 week i ask anywhere i can get better score.....
For this test,i trying to do some change myself,result ???
I need to format my os hd once(2 days spending off installing about 60 programs) and i unistall and reinstall(cleaning regedit all the time between operation) about now 7 times,score is always the same
Maybe cause off this result it is a have a USB modem plug in and i don't use lan but ordinary usb adsl.
I am really dissapoint about this..and i feel to try another firewall that in my case offer me better protection
Regards
prandi63
 

Please open a topic about that in D+ help section on the international board. I'm sure you'll get plenty of help.
"In the beginning the Universe was created. This has made a lot of people very angry and has been widely regarded as a bad move."- Douglas Adams

Offline gibran

  • Average User
  • Comodo's Hero
  • *****
  • Posts: 5056
  • A bad workman always blames his tools
Re: COMODO Leak Test Suite Updated Version
« Reply #25 on: November 23, 2008, 08:58:18 AM »
Truth is guys and gals, you can't trust any leaktest program designed by a firewall builder. It's always gear toward their program being number #1. That's why you were asked to check  the program their way, to PASS with flying colors

You forgot to mention that indipendent developed testsuites are there to eventually confirm the results.

Leaktest are PoC meant to address specific vulnerabilities I guess the consideration to trust the result or not should be at least backed with some more argumentative attempt other than leveraging on mistrust.
« Last Edit: November 23, 2008, 09:05:55 AM by gibran »
"In the beginning the Universe was created. This has made a lot of people very angry and has been widely regarded as a bad move."- Douglas Adams

Offline gibran

  • Average User
  • Comodo's Hero
  • *****
  • Posts: 5056
  • A bad workman always blames his tools
Re: COMODO Leak Test Suite Updated Version
« Reply #26 on: November 23, 2008, 09:18:51 AM »
I really would like to see, in this case, Defense+, to offer a very strong protection without freaking out users. Why not, perhaps, rebuild Defense+ from scratch so that it will be a mixture of HIPS and Behavior Blocker (without user interaction), so that most users can have D+ with default settings? And when I mean default settings, I mean all the main settings of Defense+, just not as much as intrusive as it is right now.

That's another solution but IMHO it cannot replace a full HIPS expecially if behaviours are hard-coded and the user can only interact with a limited set of alerts assuming that since it's "behavioural" it should be nasty. While Zero alert solution are only theorical IMHO it would prove way useful for the users to be willing to learn about what freak them out.

There is no point to have a security software at all if the user willingly falls prey of email scams. the time of install and forget are long gone.
"In the beginning the Universe was created. This has made a lot of people very angry and has been widely regarded as a bad move."- Douglas Adams

Offline prandi63

  • Computer Security Testing Group
  • Comodo Family Member
  • *****
  • Posts: 93
Re: COMODO Leak Test Suite Updated Version
« Reply #27 on: November 23, 2008, 02:23:51 PM »
Hye,
well,on default i got 30/330,i did install and unistall about 10 times,changing setting always same result.
i think all is about dll checking that at me it shows no message.
Here below i show what i have on my setting Comodo so far :

proactive
D+ paranoid
FW safe mode

if you need more pic let me know

prandi63


[attachment deleted by admin]

Offline loverboy

  • Comodo's Hero
  • *****
  • Posts: 427
Re: COMODO Leak Test Suite Updated Version
« Reply #28 on: November 23, 2008, 03:21:55 PM »
Hye,
well,on default i got 30/330,i did install and unistall about 10 times,changing setting always same result.
i think all is about dll checking that at me it shows no message.
Here below i show what i have on my setting Comodo so far :

proactive
D+ paranoid
FW safe mode

if you need more pic let me know

prandi63


Why did you set firefox, explorer, msims as "installer or updater"?????? ???
Windows 7 Home Premium 64bit SP1
NOD32 Antivirus 8.0.319.0
COMODO CIS 8.4.0.5165
Configuration: Proactive Security
Firewall: Custom Ruleset
HIPS: Clean PC Mode
Auto-Sandbox: Disabled

Offline prandi63

  • Computer Security Testing Group
  • Comodo Family Member
  • *****
  • Posts: 93
Re: COMODO Leak Test Suite Updated Version
« Reply #29 on: November 23, 2008, 04:45:32 PM »
Hye,
do i have to change setting of these programs???
I try some change and i get blocked comodo,needed restart pc and changing in windows provisory modality
I change like this
programs as trusted(but some of them i get other message and they change what i did before like svchost)
windows programs as windows system application
i have svchost as custom (i try windows system application but always i get message like now)calling port 53 and i don't know i have to use installer or update or other set
test 30/340


prandi63
« Last Edit: November 23, 2008, 06:36:35 PM by prandi63 »

 

Seo4Smf 2.0 © SmfMod.Com Smf Destek