If you wanted to see the trusted applications, you should have specified it during the setup. You are presented the option to disable it during the setup. Or later you can go and disable. Just you dont understand does not mean it is not working.
About PCFlank test, we and all of our users know what our firewall prevents and we make our claims according to it. As you will also agree, consequences of making false claims would be more painful for us than you writing in a forum.
it is pity that the firewall leak testing site have not retested CPF yet, independently to convince people like you.
CPF so far detected many 0-day trojans thanks to its smart technology which we are proud to claim the BEST in the market.
So please either ethically give exact steps and the configuration(Your OS, SP, all security software installed, your CPF configuration i.e. export of HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Personal Firewall registry key) for our developers to reproduce and see what is going on, or stop making inaccurate claims.
Cpf 2.3.3.33 is passing all the leak test I have tried… I think your either misconfiguring something, or you have a bootsector/mbr rootkit which is corrupting your installations.
Just my thoughts…
I my packet filter also detects all the connections beings made, and system safety monitor is catching the processes , so I can see that cpf is doing it’s job.
I just replicated the PC-Flank failure & it’s exactly as described above. The data string that I gave the PC_Flank EXE appeared on the PC-Flank web site before I had even answered PCF’s Allow/Deny query. I answered Deny. Turned off certified display skip & re-ran the test. It failed again, same as before. This time I told CPF to remember the Deny. The 3rd test also failed. CPF had issued a pop-up again. So, I set CPF to remember the Deny again & I also turned the skip display for certified apps back on. This time CPF was sucesful. No data reached PC-Flank’s site. However, the PC-Flank executable was not aware it had failed and acted like it had worked.
Notes/Observations: A new MSIE window was opened for each PC-Flank test. Firefox was used to check PC-Flank’s results page. No where is the PC-Flank program name (PCFlankLeaktest.exe) mentioned… in logs or in the application monitor. In the application monitor there now a block for MSIE where the parent is explorer.exe any-any-TCP/UDP out. That’s about it.
While testing, please use a different text each time you run the test. Beause that test stores previous texts on the web site and you may not understand the difference unless you enter a different text each time.
Remembering with answer DENY has no effect on remembering the leak atempt. For leak attempts remembering will only be effective if you press allow.
After verifying that while you always entered a different data with each test, and you still observed the same behavior, we may conclude that in windows 2000 SP4, CPF has a bug causing this issue.
Thank you for the help,
Egemen
Edit : I think this is related to the beta releases. if you can test the stable version and report your results, you would be very helpful.
I can confirm that I used a different random string each time.
Remembering with answer DENY has no effect on remembering the leak atempt. For leak attempts remembering will only be effective if you press allow.
Ah… OK. Since the PC-Flank test required that I open a MSIE window before attempting the test, I assume that it is using MSIE in a way that CPF is not seeing on my OS. The block I added, just stopped anything using MSIE where I started it manually. Oops.
[b]Edit : I think this is related to the beta releases. if you can test the stable version and report your results, you would be very helpful.[/b]
No problem. I’ll do this by the end of today & report back.
Then why don’t you give us a detailed description of your machine?
Makes me wonder :
edit: beta apps are for testing and finding bugs. Testing isn’t installing and running for an hour or two. If you are not willing to test them then don’t. Just use the stable vesion
Why do you get so protective when someone mentions that it does not work as claimed?
I know it is a beta but it has been claimed in the forum is stable and a release candidate and everyone is being encouraged to try it. I emphasise try and not keep. I tried it, found it did not work as claimed and removed it. What is wrong with that?
For your info I am running 2k sp4 with PG disabled, Avast. AMD Athlon 2200.
I have given you the info that was sent out and also told you that all the texts I put in were presented on PC Flank. Why should I be making this up?
OK. I just tried the PC-Flank test on the CPF release version & it passed, no data was transmitted to the PC-Flank site. PC-Flank thought that it had suceeded (which it always seems to do).
Since this was a clean install of CPF, I re-ran the PC-Flank test on a clean install of 2.3.3.33. The BETA failed the PC-Flank test. Despite CPF detecting the OLE attempt, the data was transmitted to the PC-Flank site anyway.
kail can you check one more time with the “component monitor” turned on?
On the last beta this was necessary. (For this version at the xp is not needed).
At first I thought switching the Component Monitor from Learn Mode to Turn On had worked. It generated different pop-ups on other programs wanting their library usage confirmed. In any event, it did eventutally display the PC-Flank OLE message. But, unfortunately, the data had already arrived at the PC-Flank web site by that time. I tried it again (to avoid all the other pop-ups). But, once again PCF failed to stop the data getting to the PC-Flank web site, despite detecting the event.
Thx kail. This means that there is definitly a bug at the beta when installed at a win2k sp4
If you can make an online scan at pcflanc or another security related site. (just for being sure that there isn’t any problems with the stealthing/blocking abilities of cpf).
I’ve already peformed several of these… GRC, PC-Flank, Sygate, etc… and there does not seem to be any problems with stealthing and/or blocking in CPF. Inbound doesn’t seem to be a problem.
We really do appreciate your efforts in testing CPF.
I think the issue has arisen not that CPF might not have a bug, as we all know bugs are part of software development and sometimes part of the software but because the way this potential bug has been reported here.
There is a big difference in
1)a company making claim that is false
2)a company making a claim and only in certain scenerios, due to a bug one user is not seeing that claim.
Of course from your point of view you are seeing what you are seeing, but from other’s users’ point of view they are seeing what they are seeing.
So insinuating that company’s claim is wrong is obviously the wrong way to report this bug as you would be upsetting all the people the product works for!
I don’t think anyone would have any problem if you were to say: “hey guys, somehow this doesn’t work on my machine, what gives?”, rather than “it does not work as claimed”. As, the first statement does not offend all the other users for whom the CPF work for!
I hope we all can understand eachother view point and move forward to building this beutiful product to be in every PC!
I’ve jus tried about all the leak tests on Firewallleaktester… CPF managed to block all of them except in my case for Yalta and cpil… for cpil it gave me the warning 2 minuts too late…
using a compaq presario 1525 about to burst into flames, with a operating system seriously in need of reinstall, totaly messed up windows XP with SP2 comodo still manages to pass almost all the tests
Maybe it would be a good idea for every-one to start to make your own tests and create a topic only on results
Remember to NOT use the default IP address for yalta since it is your local machine. Try another one (eg. 131.112.212.11) and see if there is a popup. The yalta information itself (data successfully sent) isn`t an inidcator if the leak test is passed or not.
