Author Topic: Comodo release 5 new security tests [CLOSED]  (Read 67923 times)

Comofo

  • Guest
Re: Comodo release 5 new security tests
« Reply #30 on: May 05, 2008, 03:22:40 AM »
If you get a chance, could you release a test for the test?  (:TNG)


 (V)

Offline skboss

  • Comodo Member
  • **
  • Posts: 34
Re: Comodo release 5 new security tests
« Reply #31 on: May 19, 2008, 07:21:50 PM »
Hi, Guys please help me out here. when I did the test It says that ----"BITS Hijack"  is vulnerable. How do I fix this problem? I am using a Norton 360 V.2 and Comodo Firewall Pro. Besides that when I did the firewall check on Symantec Internet Security checkup; it found that my Port 80 is open. please help me out. I think this is why I am getting the vulnerability error message. How can I block Port 80 or what else Can I do to make my computer secure? please help me out here.

WaterWall

  • Guest
Re: Comodo release 5 new security tests
« Reply #32 on: May 19, 2008, 08:03:03 PM »
It's not very wise to run Norton 360 which has it's own firewall and Comodo v3. Norton Antivirus and Comodo firewall would be good combination (well the Comodo part for sure  ;D)
Disabling 360's firewall may help, but then Norton will scream and shout that you are not protected and piss you off  :D
So I don't know. It's your call  :)

Offline kail

  • Randomly Appearing
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11361
  • The future is much like the present, only longer.
    • COMODO's free software!
Re: Comodo release 5 new security tests
« Reply #33 on: May 19, 2008, 08:05:52 PM »
Hi skboss, welcome to the forums

BITS stands for Background Intelligent Transfer Service, it's a Windows Service. As the name implies, it's generally involved in file transfers & is used as part of the Windows Update (WU) process. In fact, without BITS WU wouldn't work. I believe the currently vulnerability surrounds the use of the COM API.. but, CFP 3 should have detected that. However, if you are indeed running Norton 360 alongside CFP3, then this might be why it didn't. Running 2 firewalls can, apparently, cause such conflicts which result in this.

Port 80 (HTTP) open? That is unusual, unless you're running a web server (are you?). But, again.. I suppose this could because you're running 2 firewalls.. but, I've not heard of that before specifically. Have you tried GRC's Shields Up?

My System Details: W10Px64 with CIS 10 Beta, Firefox & Becky!
Forum Policy.
____
The problem is not the problems, the problem is people's attitude towards those problems.

Offline kail

  • Randomly Appearing
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11361
  • The future is much like the present, only longer.
    • COMODO's free software!
Re: Comodo release 5 new security tests
« Reply #34 on: May 19, 2008, 08:14:33 PM »
One thing you could do to mitigate the BITS vulnerability is to limit SVCHOST.EXE (within CFP, not sure about 360) to only access Microsoft Update servers. I suspect this would be fairly effective at stopping the BITS hijack.. (uncertain.. anybody?).. my SVCHOST has been limited like that for years, although I also have BITS disabled (I get Windows Updates by another method).
My System Details: W10Px64 with CIS 10 Beta, Firefox & Becky!
Forum Policy.
____
The problem is not the problems, the problem is people's attitude towards those problems.

Offline skboss

  • Comodo Member
  • **
  • Posts: 34
Hi, Guys please help me out here.  I did a test with Comodo Firewall Leak Test. It says that ----"BITS Hijack"  is vulnerable. How do I fix this problem?  (:SAD) I am using a Norton 360 V.2 and Comodo Firewall Pro. Besides that  I also did the firewall check on Symantec Internet Security checkup; it found that my Port 80 is open.  (:SAD) I think this is why I am getting the vulnerability message. But the problem is that  I don't know how to block it. Please help me out. I think this is why I am getting the vulnerability message. How can I block Port 80 or what else Can I do to make my computer secure? I also included the firewall test report to understand you guys better and to help me out. I am using Windows Vista service Pack 1. Please help me out here.

[attachment deleted by admin]

Offline skboss

  • Comodo Member
  • **
  • Posts: 34
Re: Comodo release 5 new security tests
« Reply #36 on: May 20, 2008, 06:42:12 PM »
Hi, Kali Thank you for your response and to let you know that I am not running a web server. But still my port 80 is open, There is absolutely no way that I can close it. I tried disabling Norton Firewall and just to use Comodo Firewall but still the same result--Port 80 is open. please help me out here.

Offline kail

  • Randomly Appearing
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11361
  • The future is much like the present, only longer.
    • COMODO's free software!
Re: Comodo release 5 new security tests
« Reply #37 on: May 20, 2008, 07:01:25 PM »
Hi skboss

Firstly disabling a firewall (ie. Norton 360) when a second firewall is present will probably not be sufficient. This is because firewalls tend to conflict at a driver level & disabling a firewall doesn't necessarily stop their drivers.

Port 80 (HTTP): Open CFP, go to the Firewall section & select "View Active Connections". You should look at the Source (not Destination) & see if there is active connection for TCP Port 80. If there is, what is the associated program? Failing that, what is telling you that TCP Port 80 is open? Symantec's web test? If so, I recommend that you go to GRC's ShieldsUP & confirm that via GRC's test.
My System Details: W10Px64 with CIS 10 Beta, Firefox & Becky!
Forum Policy.
____
The problem is not the problems, the problem is people's attitude towards those problems.

Offline surveyor_9

  • Newbie
  • *
  • Posts: 2
Re: Comodo release 5 new security tests
« Reply #38 on: May 26, 2008, 09:44:17 PM »
Hi there - I was happily running CFP v3 until I downloaded and tried the clt test which I failed on all accounts.
My network defense is set at custom; my proactive defense is set at paranoid and I do not have the clt.exe allowed in my security policy. I would appreciate any help on fixing this plse. Cheers

3xist

  • Guest
Re: Comodo release 5 new security tests
« Reply #39 on: May 27, 2008, 06:05:16 AM »
Hi there - I was happily running CFP v3 until I downloaded and tried the clt test which I failed on all accounts.
My network defense is set at custom; my proactive defense is set at paranoid and I do not have the clt.exe allowed in my security policy. I would appreciate any help on fixing this plse. Cheers

Hi surveyor_9 & Welcome to the forums!!

It's not a concern. This test suite is just a little difficult for some users to use (how they should answer certain alerts, etc). You are protected, Don't worry!  ;)

Josh

Offline surveyor_9

  • Newbie
  • *
  • Posts: 2
Re: Comodo release 5 new security tests
« Reply #40 on: May 27, 2008, 06:31:58 AM »
Hi Josh - thanks for the welcome. I am sure that I am protected but if I can tweak the system then I would be interested in passing the security tests. Is this possible? Cheers Surveyor_9

Offline don67

  • Comodo Loves me
  • ****
  • Posts: 133
  • Oh! Yeahhh!!!
    • My Site
Re: Comodo release 5 new security tests
« Reply #41 on: June 11, 2008, 02:47:05 PM »
I run the CLT again with the latest version and this is the result.... :-TD




« Last Edit: June 11, 2008, 03:54:39 PM by don67 »

Offline Blas

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 373
Re: Comodo release 5 new security tests
« Reply #42 on: June 11, 2008, 08:03:19 PM »
Don,

Was CLT already on your computer before installing the firewall?

Offline don67

  • Comodo Loves me
  • ****
  • Posts: 133
  • Oh! Yeahhh!!!
    • My Site
Re: Comodo release 5 new security tests
« Reply #43 on: June 14, 2008, 04:08:53 AM »
Yes CLT is on my computer before i install the firewall in my partition :THNK

Offline Blas

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 373
Re: Comodo release 5 new security tests
« Reply #44 on: June 14, 2008, 07:17:16 AM »
If defense+ was in celanpc mode, which is the default, it considers everything safe on your computer prior installation. So if CLT was already on your computer when you installed the firewall it was considered safe, and its actions allowed and learned automatically. If you want to rerun it, you should uninstall CLT, delete it from your computer and open up the firewall and on the defense+ tab go to advanced, computer security policy. Here you should search for anything related to CLT and delete the rules. Maybe a purge will remove most. Do the same at firewall/advanced/network security policy. If done, you can download again the test and it should ask you about its actions.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek