I have many security holes, HELP PLEASE!

Learn about Computer Security Leak Testing/Attacks/Vulnerability Research
#1

Firewall is installed with proactive defense +
Firewall = Custom policy mode
Defense + = Paranoid mode

Im using XP Pro SP3 with latest updates, im using latest Comodo (Downloaded before 10 minutes).

Experts look at this, this is realy disapointing results.
Comodo canot pass even 10% of leak tests.
http://img223.imageshack.us/img223/3765/leakt.jpg

NOTICE: My WinXP are fully tweaked, i disable NULL SESSIONS, Autorun, and some services :
Look at this, maybe i disable something i shouldnt, best would be if some comodo admin comes here and helps me…

Aplication management,
ASP.NET
Computer browser
DHCP Client
Error reporting service
Fast user swithing compatability
HID input service
Java Quick starter
Server
TCP/IP Netbios helper
Net meeting
Security accounts manager
Smart card
Task Schudler
Secondary logon
Print spooler
System restore service
Performance logs and alerts
Telephony

Thank you !

#2

Welcome. :slight_smile:

Go to Miscellaneous > Manage My Config > Select > Proactive Security. This is a higher security setting and more alerts will be generated.

Now run the leak test again and block all the alerts from it. :slight_smile:

#3

Y…

And you can also if you like check kyle’s manual of how to MANUALLY set CIS to something PROACTIVE a-like… =)

D+:
https://forums.comodo.com/defense_guides/setting_up_defense_for_maximum_security-t30473.0.html

Firewall:
https://forums.comodo.com/firewall_guides/setting_up_firewall_for_maximum_security-t30535.0.html

#4

After install, before i connect to internet i am fully configure my firewall, ports and router.
And you are talking about this ? http://img504.imageshack.us/img504/4595/misc.jpg
It is proactive.

#5

Hmm. Go to D+ > Advanced > Monitor Settings > and make sure all those items are selected.

#6

I think i have big problem here, i dont know why i have so much security holes.
Firewall = Custom policy mode alert settings on medium
Defense + = Safe mode with all monitor settings enabled
Image exec [at] normal
I blocked all incoming connections and i stealth my ports to everyone

And another question, can anyone tell me why “Win OS, FORCE to connect to internet trough port 54777.” Look [at] this every second he try to go out
http://img210.imageshack.us/img210/4893/99408285.jpg

Thank you guys for helping me!

#7

I have SEEN this before on my PC once:

I was running a Admin Account with out a password i got the same results

So you maybe running a admin or limited user account with out a pass
Make a pasword and you should be fine!!

#8

Yes i have a password , and strong one.
I am not a begginer i am realy educated guy but have problem with comodo leaking test now i have 150 points and most of false are in “Injection:”

#9

Quick question osc,

Did you have the leaktest application on your pc before installing CIS?

Go to Defence+/Advanced/Computer Security Policy–>Remove all the entries for clt.exe and hit APPLY

Also in Computer Security Policy Double click on the entry %windir%\explorer.exe–>access rights–>Click on “Modify” next to “Run an executable”–>If there is a clt.exe listed in “Allowed applications” highlight then remove it and APPLY to close all windows.

Now run clt.exe again and make sure on every alert you select “Block” and make sure “Remember my answer” isn`t ticked.

Also do you use utorrent(on port 54777) or similar and have recently closed it?
Is your IP 192.168.1.107 assigned statically by you? Try at a cmd prompt IPCONFIG /ALL

Matt

p.s. Almost forgot…Also have a look in Firewall/Advanced/Network security policy/Application rules–>Remove any entry for clt.exe if there is one