This is a leaktest I have not tested before. It is about to kill processes (like security apps.)
One or more of the techniques it uses kills HIPS like Ghost Security Suite, process Guard. Which is kind of bad since I use GSS
But I can allways rely on Comodo to stay alive. None of the 16 process killing methods could kill Comodo. “Access denied” on all of them.
One of the first things that a malware does is “dis-arm” the PC. Just like when a burglar comes into a home, first thing they do is to disable the burglar alarm, or when they are stealing a car, they disable the security system in the car.
So terminating a security application (firewall, AV etc) is what a malware is going to do first, and ability to resist these termination attacks (dis-arming attacks) must not succeed. Any malware can have this little app and attack any PC and dis-arm it if the security applications are not designed against these type of termination (dis-arming) techniques.
We will continually improve our “Self-Protection”.
Just a word of warning if you’re going to run all the SPT tests - option 3 (or was it 4) can cause a system hang. The firewall is not breached, but your system is unusable. This occured on three out of five PC it was tested on. The other two just produced an “Access denied” msg, but CPF blocked all attempts to terminate it.
While everyone seems excited about Comodo passing leak tests, I thought I would share this with everyone. I am very pleased with CPF and will continue to use it because I really like it. On my computer it has failed PCFlank’s Advanced Port Scanner. It is one of these two, but never both at the same time; Port 12345 NetBus or Port 27374 SubSeven and recently Port 135 RPC (these ports remain closed). Normally my system passes and is in complete Stealth mode. I am using CPF out of the box and don’t plan messing with it. I used Jetico before CPF and it did the same thing except for the RPC port. Again as previously stated, I am very satisfied with this fine product. The above anomalies don’t concern me, but I feel worthy of mention.
Interresting but strange. If that would happen to me, I would be really worried. (I just did a scan at PCflank and all trojan ports were stealthed). They were blocked by the basic rule which is in the bottom of the list in Network Monitor:
BLOCK and LOG IP IN or OUT FROM IP [Any] TO IP [Any] Where IPPROTO iS ANY
You should have that rule too since it is there by default. If it is there at the bottom and you dont have any allow rule for those ports, it is very strange indeed.