COMODO Leak Test Suite Updated Version

[samahita]

Get 310/340 with new test. These 3 fails.
6. Invasion: RawDisk   Vulnerable
8. Invasion: FileDrop   Vulnerable
15. Injection: KnownDlls   Vulnerable
Firewall safe mode
Defense+ sage mode

Any ideas or comments on how to achieve 340/340 security?

[samahita]

Now get 340/340 with XP SP3
Firewall = safe mode
Defense+ = safe mode
AND NOW
Configuration = Proactive security
 (R)  (L)

[khanyash]

COMODO Leaktests v.1.1.0.3
 
Date 5:10:31 PM - 11/20/2008
 
OS Windows XP SP3 build 2600

pc tools firewall plus  4.0.0.45 with default setting 170/340 ( pretty good score without hips. with hips enabled i.e threatfire, it blocked full test 340/340
 
1. RootkitInstallation: MissingDriverLoad Protected
2. RootkitInstallation: LoadAndCallImage Vulnerable
3. RootkitInstallation: DriverSupersede Vulnerable
4. RootkitInstallation: ChangeDrvPath Vulnerable
5. Invasion: Runner Protected
6. Invasion: RawDisk Vulnerable
7. Invasion: PhysicalMemory Protected
8. Invasion: FileDrop Vulnerable
9. Invasion: DebugControl Vulnerable
10. Injection: SetWinEventHook Protected
11. Injection: SetWindowsHookEx Protected
12. Injection: SetThreadContext Protected
13. Injection: Services Vulnerable
14. Injection: ProcessInject Protected
15. Injection: KnownDlls Vulnerable
16. Injection: DupHandles Protected
17. Injection: CreateRemoteThread Protected
18. Injection: APC dll injection Protected
19. Injection: AdvancedProcessTermination Vulnerable
20. InfoSend: ICMP Test Protected
21. InfoSend: DNS Test Protected
22. Impersonation: OLE automation Protected
23. Impersonation: ExplorerAsParent Protected
24. Impersonation: DDE Protected
25. Impersonation: Coat Protected
26. Impersonation: BITS Vulnerable
27. Hijacking: WinlogonNotify Vulnerable
28. Hijacking: Userinit Vulnerable
29. Hijacking: UIHost Vulnerable
30. Hijacking: SupersedeServiceDll Vulnerable
31. Hijacking: StartupPrograms Vulnerable
32. Hijacking: ChangeDebuggerPath Vulnerable
33. Hijacking: AppinitDlls Vulnerable
34. Hijacking: ActiveDesktop Protected
Score 170/340
 

(C) COMODO 2008

[Jahn]

340/340 on XP Home SP2

Comodo Proactive Security
Firewall - Safe Mode
Defense+ - Safe Mode

 

(V)

[khanyash]

what kinda default settings are these-------

here is my leak test results with CIS latest version, default settings------ 50/340. (each and every pop ups blocked during tests).

Mr. Melih, CIS with default settings is a threat for majority of users i.e 70-80% users who use default settings. default settings should be decent and effective coz majority of users rely on default settings. 50/340 dont you think these default settings needs a lot of improvements. wot say guyz !!!!!!!

[ganda]

what kinda default settings are these-------

here is my leak test results with CIS latest version, default settings------ 50/340. (each and every pop ups blocked during tests).

Mr. Melih, CIS with default settings is a threat for majority of users i.e 70-80% users who use default settings. default settings should be decent and effective coz majority of users rely on default settings. 50/340 dont you think these default settings needs a lot of improvements. wot say guyz !!!!!!!

huh i've read some ppl didn't get max score with default setting, but 50/340

[prandi63]

Hye,
50/340
i wish i could get this score, i have only 30/340 and it is about 1 week i ask anywhere i can get better score.....
For this test,i trying to do some change myself,result
I need to format my os hd once(2 days spending off installing about 60 programs) and i unistall and reinstall(cleaning regedit all the time between operation) about now 7 times,score is always the same
Maybe cause off this result it is a have a USB modem plug in and i don't use lan but ordinary usb adsl.
I am really dissapoint about this..and i feel to try another firewall that in my case offer me better protection
Regards
prandi63
 

[DarkButterfly]

huh i've read some ppl didn't get max score with default setting, but 50/340

The user has got a point, though. CIS's default settings should provide a stong protection for the average user who has no idea how to answer to all those alerts in Safe Mode or even in Paranoid Mode. They would freak out!!!! And with a good reason.

Most of security suites and other security apps offer a great protection with default settings, but seems not to be the case with CIS.

I really would like to see, in this case, Defense+, to offer a very strong protection without freaking out users. Why not, perhaps, rebuild Defense+ from scratch so that it will be a mixture of HIPS and Behavior Blocker (without user interaction), so that most users can have D+ with default settings? And when I mean default settings, I mean all the main settings of Defense+, just not as much as intrusive as it is right now.

(I will be testing BitDefender Total Security later without both Default and Advanced settings. I have a legal license!!! Be grumpy! Call me greedy!!! I got it from BitDefender when I beta tested their software. Cool!!! Will see how it performs.)

[gibran]

what kinda default settings are these-------

here is my leak test results with CIS latest version, default settings------ 50/340. (each and every pop ups blocked during tests).

Mr. Melih, CIS with default settings is a threat for majority of users i.e 70-80% users who use default settings. default settings should be decent and effective coz majority of users rely on default settings. 50/340 dont you think these default settings needs a lot of improvements. wot say guyz !!!!!!!

CIS latest version with default setting reach 320/340.

[gibran]

Hye,
50/340
i wish i could get this score, i have only 30/340 and it is about 1 week i ask anywhere i can get better score.....
For this test,i trying to do some change myself,result
I need to format my os hd once(2 days spending off installing about 60 programs) and i unistall and reinstall(cleaning regedit all the time between operation) about now 7 times,score is always the same
Maybe cause off this result it is a have a USB modem plug in and i don't use lan but ordinary usb adsl.
I am really dissapoint about this..and i feel to try another firewall that in my case offer me better protection
Regards
prandi63
 

Please open a topic about that in D+ help section on the international board. I'm sure you'll get plenty of help.

[gibran]

Truth is guys and gals, you can't trust any leaktest program designed by a firewall builder. It's always gear toward their program being number #1. That's why you were asked to check  the program their way, to PASS with flying colors

You forgot to mention that indipendent developed testsuites are there to eventually confirm the results.

Leaktest are PoC meant to address specific vulnerabilities I guess the consideration to trust the result or not should be at least backed with some more argumentative attempt other than leveraging on mistrust.

[gibran]

I really would like to see, in this case, Defense+, to offer a very strong protection without freaking out users. Why not, perhaps, rebuild Defense+ from scratch so that it will be a mixture of HIPS and Behavior Blocker (without user interaction), so that most users can have D+ with default settings? And when I mean default settings, I mean all the main settings of Defense+, just not as much as intrusive as it is right now.

That's another solution but IMHO it cannot replace a full HIPS expecially if behaviours are hard-coded and the user can only interact with a limited set of alerts assuming that since it's "behavioural" it should be nasty. While Zero alert solution are only theorical IMHO it would prove way useful for the users to be willing to learn about what freak them out.

There is no point to have a security software at all if the user willingly falls prey of email scams. the time of install and forget are long gone.

[prandi63]

Hye,
well,on default i got 30/330,i did install and unistall about 10 times,changing setting always same result.
i think all is about dll checking that at me it shows no message.
Here below i show what i have on my setting Comodo so far :

proactive
D+ paranoid
FW safe mode

if you need more pic let me know

prandi63


[attachment deleted by admin]

[loverboy]

Hye,
well,on default i got 30/330,i did install and unistall about 10 times,changing setting always same result.
i think all is about dll checking that at me it shows no message.
Here below i show what i have on my setting Comodo so far :

proactive
D+ paranoid
FW safe mode

if you need more pic let me know

prandi63

Why did you set firefox, explorer, msims as "installer or updater"

[prandi63]

Hye,
do i have to change setting of these programs???
I try some change and i get blocked comodo,needed restart pc and changing in windows provisory modality
I change like this
programs as trusted(but some of them i get other message and they change what i did before like svchost)
windows programs as windows system application
i have svchost as custom (i try windows system application but always i get message like now)calling port 53 and i don't know i have to use installer or update or other set
test 30/340


prandi63