Comodo 3 leaks both GRC and PCFlank leak tests

Hey…

I've just installed the latest Comodo for the first time, and the software seems to let everything out! I tested with both the GRC and PCFlank leak tests, which both reported they got out!

I have not changed any settings. The levels are: training mode for firewall, and Clean PC for Defense+.

PS. I never got any popup asking me whether to allow the leak test or not, they just got out without Comodo alerting me.

any suggestions? :slight_smile:

LOL

Training mode will automatically allow everything and create rules for it, so in the future it will be allowed also.
This is why it is failing (:LGH)

Xan

oh, i thought training mode means comodo will ask me to ok it or not. so training mode means ‘allow all’ ?

jep,

Xan

hmm… so how do I reverse this situation? I mean I did have it on training mode, and as you say Comodo has allowed everything and created rules to allow a bunch of apps. How do I force it to start over and not allow anything unless I say so?

ps. plz forgive my noobness (:TNG)

More explanation

Firewall

  • disabled : no need to explain
  • training mode : everything is allowed and saved so you won't be asked again later
  • safe mode : programs considered safe by Comodo are allowed and rules are made for them, for all others you will be asked
  • custom policy mode : everything not already in rules will be asked
  • block all : no further info needed

Defense +

  • disabled : no need to explain
  • training mode : see firewall
  • clean pc mode : all programs on your pc are saved and allowed, new programs will be asked
  • safe mode : see firewall
  • paranoid mode = custom policy mode firewall

I hope I didn’t type anything wrong (except typos ;D)

Xan

np, that's why we're here :slight_smile:

You can go to miscellaneous → Manage my configurations and choose select, and pick “optimum security”. Reboot and see if this does it for you.

source

Xan

When you redo the test, does it work out now ?

Xan

tnx for explaining it to me m8, im gonna go to play with my firewall now O0

“Optimum security” is the Active configuration.

“Network security” is an alternate configuration with fewer enabled features.

The only way to get a default “Optimum security” backup is to export CFP configuration soon after installation and before reboot.

In order to remove Firewall training you can delete all entries from Network security policy except for:
Comodo Firewall pro
Windows Updater Applications
System

Clean PC mode will make CFP Defense+ learn all programs that are not listed in your Pending List (My Pending Files).
This means that if a leaktest is not listed in My Pending Files it will be learned and it will fail.

In order to remove Defense+ training you can delete all entries from Computer security policy except for:
Comodo Firewall pro
Windows Updater Applications
Windows System Applications
All Applications
%windir%\explorer.exe
%windir%\rundll32.exe

Application 1: Group: [Windows System Applications] Treat as: [Windows System Application]
-----------------------------------------------------------------------------------------

Application 2: Group: [Windows Updater Applications] Treat as: [Installer Or Updater]
-----------------------------------------------------------------------------------------

Application 3: Group: [COMODO Firewall Pro] Treat as: [Custom Policy]
-----------------------------------------------------------------------------------------

Protection 0: {    Process Terminations    } Enabled
[0] Exception: Group [Windows System Applications]

Protection 1: { Interprocess Memory Access } Enabled
[0] Exception: Group [Windows System Applications]

Application 4: %windir%\explorer.exe Treat as: [Custom Policy]
-----------------------------------------------------------------------------------------

Access Right 0: {      Run an Executable     }	Default Action: Ask
Access Right 1: {     Loopback Networking    }	Default Action: Allow
Access Right 2: {Device Drivers Installations}	Default Action: Allow
Access Right 3: {     DNS Client Services    }	Default Action: Allow
Access Right 4: {   Protected Registry Keys  }	Default Action: Allow
Access Right 5: {   Protected Files/Folders  }	Default Action: Allow
Access Right 6: {      Computer Monitor      }	Default Action: Allow
Access Right 7: {          Keyboard          }	Default Action: Allow
Access Right 8: {            Disk            }	Default Action: Allow
Access Right 9: {      Phyisical Memory      }	Default Action: Allow
Access Right 10: {   Protected COM Interfaces }	Default Action: Allow
Access Right 11: {   Windows/WinEvents Hooks  }	Default Action: Allow
Access Right 12: {      Windows Messages      }	Default Action: Allow
Access Right 13: {    Process Terminations    }	Default Action: Allow
Access Right 14: { Interprocess Memory Access }	Default Action: Allow

Application 5: %windir%\system32\rundll32.exe Treat as: [Custom Policy]
-----------------------------------------------------------------------------------------

Access Right 0: {      Windows Messages      }	Default Action: Allow
[0]  Allowed:	%windir%\system32\\csrss.exe

Access Right 1: {      Computer Monitor      }	Default Action: Allow
Access Right 2: {   Protected Files/Folders  }	Default Action: Ask
[0]  Allowed:	*.exe

Access Right 3: {          Keyboard          }	Default Action: Allow
Access Right 4: {   Protected Registry Keys  }	Default Action: Ask
[0]  Allowed:	*\Software\Microsoft\Windows\CurrentVersion\Run*
[1]  Allowed:	HKLM\SYSTEM\ControlSet???\Control\Session Manager\*
[2]  Allowed:	*\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\Wallpaper
[3]  Allowed:	HKUS\*\Control Panel\Desktop\SCRNSAVE.EXE
[4]  Allowed:	HKLM\SYSTEM\ControlSet???\Services\*

Access Right 5: {            Disk            }	Default Action: Allow

Access Right 6: { Interprocess Memory Access }	Default Action: Ask
[0]  Allowed:	%windir%\svchost.exe
[1]  Allowed:	%windir%\explorer.exe
[2]  Allowed:	%windir%\system32\msiexec.exe

Access Right 7: {   Protected COM Interfaces }	Default Action: Ask
[0]  Allowed:	LocalSecurityAuthority.Backup
[1]  Allowed:	LocalSecurityAuthority.Restore
[2]  Allowed:	LocalSecurityAuthority.Shutdown
[3]  Allowed:	\RPC Control\ntsvcs
[4]  Allowed:	{4590F811-1D3A-11D0-891F-00AA004B2E24}
[5]  Allowed:	LocalSecurityAuthority.SystemTime
[6]  Allowed:	{75048700-EF1F-11D0-9888-006097DEACF9}

Access Right 8: {      Run an Executable     }	Default Action: Ask
[0]  Allowed:	%windir%\*

Application 9: Group: [All Applications] Treat as: [Custom Policy]
-----------------------------------------------------------------------------------------

Access Right 0: {   Protected Files/Folders  }	Default Action: Ask
[0]  Allowed:	Group [Temporary Files]

Access Right 1: {   Windows/WinEvents Hooks  }	Default Action: Ask
[0]  Allowed:	D:\WINDOWS\system32\msctf.dll
[1]  Allowed:	D:\WINDOWS\system32\browseui.dll
[2]  Allowed:	D:\WINDOWS\system32\ieframe.dll

Well, I didn't want to mess up anything since there are tons of settings I can play with which I'm still not familiar with, so I just re-installed it and now Comodo doesn't leak anything :BNC

I used to have another firewall before which begins with a K and ends with an o lol. That was awful (for me at least), it was pretty slow, especially during torrenting (legal stuff of course :D), and the GUI would hang a lot and sometimes never showed up!! Also, when I logged off from one user to log in as another user it didn't seem to work properly and made my system unstable, like I couldn't log off or restart! Eventually it would just crash on me!

Anyway, enough bashing other firewalls lol. So far I'm loving Comodo and there are still so many settings to play with.

Did you make a backup before rebooting?
This could help other members as well. (CNY)

Do you mean a backup of my Comodo settings or my computer? Anyway, I did neither. Comodo uninstalled smoothly without any problems, I rebooted and installed it again.

Now I'm running on default settings, which is Clean PC mode on Defense+ (after scanning my system) and safe mode on Firewall.

I ran the leak tests again and this time Comodo was successful in blocking them all, on its own default settings.

(:CLP) Congrats, you are now leak proof :slight_smile:

+1 help again for Xan ;D

Xan

Hi,

I just downloaded and installed Comodo Firewall

And my Firewall is set at safe mode
Defense+ set at clean pc

I ran the GRC leak Test,

And it shows

Firewall Penetrated!

LeakTest WAS ABLE to connect to
the main GRC.COM Web Server!

And I did what the other member did, uninstalled and reinstalled Comodo; it worked for him, unfortunately it did not work for me.

I tried changing it to Custom Policy Mode and it did the same thing.

The only option that worked was Block All Mode, and obviously that's not the selection I want.

I did the Miscellaneous and Manage my Configurations and it was already set at optimum security.

So what next? Is my computer vulnerable at the moment?

I had Windows Firewall and ran the leak test and got the same thing, so obviously Windows Firewall isn't working either…

Thanks!

Was the test on your PC before you installed Comodo or did you freshly get it from their site 88). If it was on your PC, it's normal but it should have come up with the malware scan. If you got it from their site … we're in some trouble here ;D. (again :))

keep me informed :slight_smile:

Xan

Well, for some reason now it's working… when I click on the leak test Comodo popped up asking if I want to accept this or block it. Of course I selected block and it did not penetrate this time.

The leak test was already on my computer before I installed Comodo. So you would think that's probably the reason why the leak test penetrated the firewall. But I removed the leak test several times after and redownloaded it after Comodo was already installed, and it still said it penetrated, but today it won't penetrate because I finally got a popup from Comodo asking to accept or block.

I need to try this on my other user name. I am signed onto my limited access account, which may be why it is blocking it. Yesterday I was using my Administration account and it wouldn't block it at all.

I'll let you know when I try it using my Administration account on my XP computer.

Thanks for the reply, Hopefully everything will be alright…

I hope so too

keep us tuned :slight_smile:

Xan

Hello EraserOne, CFP HIPS (aka Defense+) defaults to CleanPC Mode.

In order to run those leaktests properly you have to find the specific Defense+ rules (named after the leaktest executable filenames) and delete them.

Then you can either switch Defense+ to Safe Mode and run those leaktests again or keep Defense+ in CleanPC mode and add all leaktest files to the “My Pending Files” list.

CFP will automatically add new (downloaded or moved) files to that list and it will not consider them trusted, thus enabling Defense+ alerts.
Anyway, if those files were already on your PC when you installed CFP and CleanPC mode was activated, it was necessary to manually add them to My Pending Files before running those leaktests.

“My Pending Files” will list all files that CFP will not automatically learn, so if you clear that list CFP will not alert you.
If you are not comfortable with CleanPC + “My Pending Files” usage you can set CFP Defense+ to Safe Mode.
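
The mode behaviour explained in the replies above (firewall modes, learned rules that remain after a mode change, and Clean PC mode with “My Pending Files”) can be written down as a small model. This is an added example, not part of any post and not Comodo's code; the class names, function names and the file name leaktest.exe are hypothetical.

```python
# Simplified model of the mode semantics described in this thread.
# Added example, not Comodo's code; every name here is hypothetical.
ALLOW, ASK, BLOCK = "allow", "ask", "block"

class Firewall:
    def __init__(self, mode, safe_list=()):
        self.mode = mode
        self.safe_list = set(safe_list)  # programs the vendor considers safe
        self.rules = {}                  # program -> verdict; survives mode changes

    def connect(self, program):
        if self.mode == "disabled":
            return ALLOW
        if self.mode == "block all":
            return BLOCK
        if program in self.rules:        # an existing rule is applied without an alert
            return self.rules[program]
        learn = self.mode == "training" or (
            self.mode == "safe" and program in self.safe_list)
        if learn:                        # silently allowed and remembered
            self.rules[program] = ALLOW
            return ALLOW
        return ASK                       # safe (unknown program) or custom policy

class DefensePlus:
    def __init__(self, mode, files_at_install=(), safe_list=()):
        self.mode = mode
        self.safe_list = set(safe_list)
        self.learned = set(files_at_install) if mode == "clean pc" else set()
        self.pending = set()             # "My Pending Files"

    def new_file(self, path):            # downloaded or moved after install
        self.pending.add(path)

    def run(self, path):
        if self.mode == "clean pc":
            if path in self.pending:
                return ASK
            self.learned.add(path)       # not pending: learned, no alert
            return ALLOW
        if self.mode == "safe":
            return ALLOW if path in self.safe_list else ASK
        raise ValueError("mode not modelled: " + self.mode)

def training_then_custom(program="leaktest.exe"):  # constructed file name
    fw = Firewall("training")
    first = fw.connect(program)          # allowed, rule learned
    fw.mode = "custom policy"
    after_switch = fw.connect(program)   # still allowed: the learned rule remains
    del fw.rules[program]                # remove the training entry
    return first, after_switch, fw.connect(program)
```

In this model, switching away from training mode does not bring the alert back until the learned rule is deleted, and a file that was on disk before a Clean PC install only triggers an alert once it is in the pending list or Defense+ is in safe mode.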

Well, I switched to my Administrator account, redownloaded the GRC leak test, and it once again penetrated. Where on my other user account with Limited Access it blocked it.

i got Comodo to block it after changing the Defense + from clean pc to Safe Mode

So i guess i will just have to keep Firewall at safe mode and Defense+ at safe mode,

I went to My Pending files and deleted the leak test then redownloaded it and tried it while defense+ was still in clean pc mode but still was penetrated. So i guess i stick to safe mode.

Thanks