Didn't Comodo do anything to stop the Trojan acting as a server ???

carioca · July 6, 2007, 6:42pm

(:SAD)
I read this post today at the Kaspersky Lab Forum. Is that true? I don’t believe because I rely on CFP. Who knows about it? "Comodo did not do anything to stop the Trojan acting as a server. This is supposed to be a simple task for a good firewall: stop a Trojan from acting as a server." Best Regards.

???

Quotation:

"Hythloday
post Yesterday, 12:59
Post #7

Member
**

Group: Members
Posts: 26
Joined: 19.06.2007
Member No.: 48064

QUOTE(Lykoris @ 5.07.2007 10:31)
but lately noted in a PC mag that Comodo scored higher on leak tests (considering it is free I wasn’t so impressed with ZA (although they did score high alongside Kaspersky)) and also read somewhere that ZA depends upon Kaspersky for their daily AV updates (I don’t know how true this is…).
of effectiveness and configurability?

You should not believe everything you read:-)

Here is an older firewall test:

http://www.firewallleaktester.com/tests.php

I am quite aware that there are new versions of many programs. Comodo may be very good in leaktests but there is more to a firewall than that. A month ago I had Comodo installed on my computer when I got the Drive Clean 2006 Smitfraud on my screen. In my system log I found the following warning (in Dutch):

De server {C7E3D60-7A9F-428F-ABB1-O3DCOFA4F493} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd.

In other words Comodo did not do anything to stop the Trojan acting as a server. This is supposed to be a simple task for a good firewall: stop a Trojan from acting as a server."

:THNK

Little_Mac · July 6, 2007, 8:59pm

Well there are some things we don’t know, carioca ~

For instance, what version of the firewall does the user have?

How is it configured? Yes it is possible to mess up CFP’s protection and have it not protect you.

Were there log entries in CFP?

Also, the Firewall Leak Tester is using version 1.1 for those tests. Wow, we’re on 2.4, about to move to 3.0…

In some cases “act as a server” means the application is prepared to make or listen for a connection, but is not connected. If the application has not actually tried to establish a connection, Comodo has nothing to do with it. At this point (as of v 2.4) it is not a HIPS; it is just a FW.

LM

Andreas · July 6, 2007, 9:21pm

The leaktest results are from March 2006 (!).

Now it is July 2007 (!).

Andreas

system · July 6, 2007, 11:55pm

In other cases, the act as server alert is the loopback connection check:
https://forums.comodo.com/help/application_allowing_resolved-t6908.0.html;msg50620#msg50620

gordon · July 7, 2007, 10:09am

so, this isn’t a problem that YOU HAVE HAD YOURSELF it’s some old noob-talk
from another forum ?
exactly what is the point of this ? I don’t understand what you are asking about …

carioca · July 8, 2007, 10:27pm

(:TNG)
Because this is a democratic forum and it’s related to CFP. Comodo discussion it’s the right place to argue about, If you don’t mind! So long…
(:NRD) (:AGY)

Little_Mac · July 9, 2007, 10:08pm

Carioca,

Do you know the answers to the questions I asked in my previous post?

LM