I have run CLT with CIS5, and I have scored 320/340…
The vulnerable state is for these test:
Injection: SetWinEventHook
Injection: SetWindowsHookEx
SO: Windows 7 32bit virtualized with VirtualBox
Config: Proactive Security, SB disabled, D+ Safe Mode
Is a CIS5 bug or is due to virtualization??
The sandbox plays a major part with Comodo, it’s your final layer of security. So you can’t really say it missed some when you have it disabled.
I disabled SB to run CLT…
I know that when CLT runs, the sandbox should be disabled otherwise CLT would be runned in the SB and so the tests would be altered…
New tests
SB enabled, treat unrecognized files enabled , D+ safe mode:
Partially Limited: Score 150/340
Limited: Score 150/340
Restricted: Score 150/340
Untrusted: Score 150/340
SB enabled, treat unrecognized files disabled , D+ safe mode: Score 320/340
SO Win7 32bit (VirtualBox), CIS 5.0.158836.1079, Proactive Security
That doesn’t make any sense, with V3 and V4 all you need to do is set CLT as a “blocked application” and it jumps to 340/340, but now you need the sandbox to score perfectly?
JoWa
August 17, 2010, 9:10pm
7
I get 340/340 with sandbox disabled. XP SP3
I have run CLT with CIS5, and I have scored 320/340…
The vulnerable state is for these test:
Injection: SetWinEventHook
Injection: SetWindowsHookEx
SO: Windows 7 32bit virtualized with VirtualBox
Config: Proactive Security, SB disabled, D+ Safe Mode
Is a CIS5 bug or is due to virtualization??
I just got 340/340 on my Win 7 x86 on similar settings. That may be a clue it is that the VM is playing a role.
As I tought, perhaps the cause is VM…
It is important that it is not a CIS5 bug on Win7… :-TU
egemen
August 18, 2010, 10:04pm
10
It is a bug of VirtualBox and hence CIS does not function properly in it.
New tests
SB enabled, treat unrecognized files enabled , D+ safe mode:
Partially Limited: Score 150/340
Limited: Score 150/340
Restricted: Score 150/340
Untrusted: Score 150/340
SB enabled, treat unrecognized files disabled , D+ safe mode: Score 320/340
SO Win7 32bit (VirtualBox), CIS 5.0.158836.1079, Proactive Security
JoWa
August 19, 2010, 6:38am
12
CIS 5.0.159634.1091, Internet Security , XP SP3
Partially Limited : 340/340
Limited : 330/340 : 24. Impersonation: DDE Vulnerable :-\
hkjoj
August 20, 2010, 2:15pm
13
Is that a bug in Parental Control?
CIS 5.0.159634.1091, Firewall with D+, XP SP3
Partially Limited: 340/340 Parental Control (Disable)
Partially Limited: 330/340 Parental Control (Enable)
It failed the DDE item with Parental Control enabled and suppressed all alerts.