CPF failed a very basic test

Hello,

For those who care to know, I just tested the beta version of CPF at http://scan.sygate.com using the stealth test and it failed miserably!!! Is it because the default settings are too low? You see, in this test CPF failed to stealth my ports which even Windows XP firewall does and it passed this test easily. What setting should I change to stealth my ports?

And for those of you zealots out there, this is not an attempt to discredit CPF as I’m a fan of this firewall myself, I just want to know what’s going on with the default settings of CPF. (:NRD)

It should be because you are behind an ADSL router so that the site tests the router?. It is impossible for CPF not to stealth any of your ports.

How do you connect the Internet? And have you changed anything in the network monitor?

Egemen

Yes, I’m using a ADSL router through earthlink. I have not changed any of the settings. I’m using the default settings only and they appear to be a bit weak. Forgive my ignorance but is there a difference in the way firewalls work when you connect to the internet by cable or DSL?

For firewall there is no difference but since you have a router, the actual connection point for you is your router and it is being tested instead of your computer. Namely those test packets do not reach to your PC and your router responds them.

Egemen

I’m using a standard ADSL modem provided by my ISP. Is that the same a a “router”. I want to make sure this is correct. Widows firewall “stealths” all of my ports in the same test. How can I set CPF to do the same? ???

Hmmm. Windows firewall should also have no effect in this. What is your IP address for example? What address does CPF show in Summary->System Info section?

I have the same problem, but i’m behind a router (D-link DGL-4300), and CPF is showing my internal IP.

Ok. If CPF is showing you internal IP, your router is responsible for the internet connections. When a port scanning occurs, it is your router which responds it before the requests reach to the PC.

What you can do is to configure your router’s internal firewall to stealth itself. Every router has such a firewall.

Hmmm… there are alot of settings in the router, but on the firewall-tab there are only enable SPI and DMZ. SPI is on, and DMZ is off. I’m using Mac-adress filtering too, but i really don’t know what setting i should correct to stealth port 80… it’s the only one so far that’s not stealthed…

LEave SPI On. But check for firewall rules section and see if there is a rule which allows port 80. If you cant manage, this is not a big deal at all.

Hi, I’m not familar with d link but you may try the port forwarding feature if this router has this feature to stealth port 80. I had to do this for port 113 in netgear.
FYI if you really want to see comodo in action on inbound stuff turn DMZ feature on for whichever computer address that has CPF installed.BE AWARE that during this time you WILL NOT have the protection of your router. Hope this helps.

Check for a setting that allows remote management of the router and turn it off.

Well, i posted this in another thread, so i just wanted to say that the problem with port 80 is solved. ;D
I have quoted myself below.

"I found it now… I had used some default gaming-rules that opened my port 80. You can choose a game and the default ports the game uses is configured for you. Battlefield 2 has A LOT of ports it uses… more surprising was that port 80 was one of them… I just took port 80 away, and i will see if my children complaines when they play it next time… Now the router pass all tests…

I did also put my router in DMZ to test CPF in a more proper way. Now i can see all tests in CPF log… I’m happy to say, that it has passed all tests i have made so far. " (except Wallbreaker 4/1st test)

I too had an anomalous reading from that particular test,but only one time.Subsequent tests have all been passed.

Checks with Shields Up and the PCFlank website have shown perfect stealth status each time I’ve run them (which has been often)

This is NOT directed at any posts of anyone, just my experience as I did some tests as well…

For one, Pcflank irritates me , why? When you put in a test line, it tells you it failed and that it went through but won’t let you see it until you OPEN your browser! Now for the laugh, I unhooked my internet right from the pc, it said it failed and that my little text was sent, to view it, open browser! how??? I wasn’t connected! Plus denied access with the firewall completely! ???

Ok, now for shields up, an ok scan. One problem, it says the test failed with a closed port. Port 113 which if I remember if closed you may not be able to connect to some servers, namely your ISP in some cases. Now, it won’t tell you that but leaves you wondering. It also made it sound like my public IP was a large issue, which we know isn’t.

Sygate did a great scan , found the closed ports, 80, and 113. Obviously some of us use port 80 completely as do my service providers, which Sygate explained decently. I have an open application on that port, yeah, the Sygate scan and Comodo using Firefox, normal. 113 is blocked. So, Comodo didn’t fail these tests and I noticed Pcflank doesn’t show Comodo as a failure on their little chart, matter of fact, not at all.

So after testing ZA in the past for about 6 years, and finding many holes, along with other freebies, I would have to say Comodo has done the best in passing the tests, just my opinion though.

Cheers,

Paul

There is no doubt at all that Comodo is far and away the leader in passing the outward bound leaktests,nothing else comes close,plus a few ‘cheat’ the tests by blocking the specific leaktest code rather than the underlying vulnerability.

You’re right pcflank always seems to think it has succeeded, even when it clearly hasn’t.

But, in its defence, it doesn’t matter if you’re off-line or not. That’s not what pcflank is trying to do… it’s trying to communicate with an existing MSIE session. If it can communicate with MSIE, then it has won. That’s the leak.

Hello everyone. I will be using Comodo next release, the previous one didn’t have Fast User Switching and was a little heavy on my Desktop PC using Windows XP with only 512MB of Ram. I really liked everything about it though, and in my opinion found it better than SKPF, and much much better than ZA Free. My questions may have already been answered else where in the Forum, but they’re simple and this thread is perfect for them. One. Does Comodo pass the leak tests while in learning mode? And two. Can it be tested on my Wireless Desktop with the wireless router’s Firewall turned off, or do I need to do more? Thanks in advance, and I did search for an answer to the first question, but what I found still made me a little unclear if it did passed the tests or not.

Hi,

1. CPf 2.3 should pass all leaktests in learning mode. It is no longer necessary to turn it to on like in previous versions.
2. To test CPF you will need to turn the routers firewall off or it will be the router that is being tested not CPF. In normal operation you can leave the routers firewall on as a hardware and software firewall won’t conflict.

Mike

I have a problem with that, IE is integrated into Windows OS, it’s not stand alone like Firefox, it’s impossible to block it from inner workings.

Cheers,

Paul