CPF fails PC Flank leak test

You guys need to do a little more work on Comodo. It fails the new PC Flank leak test at http://www.pcflank.com/pcflankleaktest.htm

Comodo never even asked if I wanted it to launch IE (leak test program as parent) and the leak test program is not in any list of programs in CPF. Only Cyberhawk caught it.

[Topic Closed: If issue returns PM an online mod to open]

CPF does not fail the PC flank test… The problem is that the test is bugged. I gave it a try myself as soon as I got the firewall and it passed, even though the test stated that it leaked. The firewall asks for permission the moment the “failed” screen appears. If you click deny at this point, it will pass the test.

Once the test is finished, you’re provided a link with the test results. If you follow the link and look at the results, you’ll find that there is no data there. However, if you click allow instead of deny at the step mentioned above, you will see the text you typed when you follow the results link.

Hope this helps.

As for Comodo not asking you: This was most likely because you have the “Do not show any alerts for applications certified by Comodo” option enabled. IE just happens to be one of those applications… For maximum security, I recommend unchecking this option.

Open the firewall, go under security->advanced->miscellaneous; then uncheck the option mentioned above and try the test again, you should get the results I described above providing you have the latest version of the firewall.

The firewall DOES fail the PC flank test. It doesn`t ask for permission when the “failed” screen appears and when I go to the results page the data I entered is there.

I agree that the leaktest application window says the firewall has leaked. It says this right about the time the FW is giving me multiple popups about the connection attempt, which I subsequently deny. I did this with IE (not my default browser) already open, to avoid false positives by allowing the leaktest app to call IE itself.

When the connection attempt is denied, the information is not submitted. The leaktest application is falsely accusing the FW of having leaked. Copying the link they provide into the browser shows that there is nothing there.

My guess is that like so many FW tests, it is geared toward the FW having HIPS capabilities (wherein the FW would not let the leaktest even run in the first place. However, I cannot quantify that.

What I can quantify is that the leaktest was blocked by Comodo FW. Thus, their statement that only two commercial FWs have passed the test, is patently false (or else they didn’t test Comodo…).

If you are running CFP and there was text visible on the leaktest website, you have somehow allowed the action to occur. I even tried it with “Do not show alerts…” as garanixx mentioned, enabled. The test said I failed, the website had no information; the firewall did not fail.


The problem is Im not getting pop-ups from the firewall, its going straight thru. I have the same problem with Comodos test suite. Theres a new twist added. Now, when I perform the leak tests, a page comes up “page cannot be displayed.” And then mutiple pages come popping up saying the same thing. I have to disconnect from the net and restart to get it to stop.

I’ve replied in your other thread, about CPIL. Suggest you check Security/Advanced/Miscellaneous. Top box is “Enable Alerts.” Make sure that’s checked, and click OK. While you’re there, like garanixx suggests, turn off the safelist (“Do not show alerts for applications certified by comodo”).

Be sure to reboot between tests. The “page cannot be displayed” error shows that the FW has probably blocked the browser without you being aware of it.

Something to keep in mind is that a lot of these tests are set up to make the user think they have failed (or rather, that their firewall did), and try to trick you into Allowing the test to access the internet. I will give this one credit, they do state that it is preferred to open IE manually, to avoid false positives by letting the leak application call it.

But if they give you a link, copy/paste it into the browser, don’t just click it. If you get any alerts from the FW, deny (but don’t “remember”). Reboot between tests to clear the memory and make sure you get a “clean” test the next time.

Once you have blocked it, the FW will keep the browser blocked for that session. So if you don’t have a different browser to check results, close & reopen IE before pasting their link in to see if your text shows up.