How is CPF against this termination test?

Hi,

Can someone test the last version (v4.0) of Advanced Process Termination, and tell the result?

Thanks

Before trying APF my first thought was that since APT is NOT making any connections to the Internet it won’t be stopped by CPF. As far as I know CPF springs into action with some kind of Internet access.

APT being a standalone application, with no Internet activity, will merrily do it’s thing without CPF monitoring it.

That said I gave it a whirl under my VirtualPC XP system. I was able to Kill lots of system stuff with no popups from CPF. I had everything set to maximum security.

Am I correct in my assumption that CPF is NOT designed for this sort of thing? If there is no Internet activity involved then CPF won’t provide any security? Or did I miss something?

Current version of CPF does not operate as a Sandbox (HIPS). In the future versions, it will have such a mode to intercept and approve all suspicious activities.

But it does protect its own ctirical processes cmdagent.exe and CPF.exe against process termination. Even if they are terminated, it will either block all internet activity or still apply the last security policy, depending on the type of termination.

So your outbound/inbound protection can not be breached by terminating critical firewall processes.

Hope this helps,

Egemen

APF terminated everything but appl behavour analysis. Had to open launchpad to access the main window.

[attachment deleted by admin]

Possible. But then all internet connections will be blocked. By terminating CPF or its dependent processes, a virus /trojan can not gain access the Internet which it is not allowed.

Egemen

I forgot myself to mention that I want that you test the APF against the CPF processes, to see if they are killed or not, and not if CPF prevents that APF kill another application…

[b]Self Protection against Critical Process Termination[/b]

Comodo Personal Firewall cannot be shut down by Trojans,Spyware or Viruses. These malicious programs may need to disable the firewall protection before they can operate. Comodo Personal Firewall 2.0 secures itself to make sure its critical processes are always active and running.

Sorry… :slight_smile:

Hope you can improve the CPF against all this terminations…

Now as of version 2.3.0.19 BETA, CPF must do very well in such sort of tests.

Egemen

Works very well now!

Keep the excellent work… :wink:

VaMPiRiC_CRoW
can you pls confirm that CPF can’t be shut down with the be above attacks now? (so that all our users are clear about this). Also can the above tests managed to shut down other firewalls?

thanks
Melih

Like I said, now CPF pass all the tests ;D

About the others Firewalls, I didn’t tried them all against this test, but I’m sure that almost will fail!
Maybe the “Zone Alarm Pro” and “Tiny Personal Firewall”, but I doubt…