I have many security holes, HELP PLEASE!

OutstandingCoder · April 23, 2009, 10:22pm

Firewall is installed with proactive defense +
Firewall = Custom policy mode
Defense + = Paranoid mode

Im using XP Pro SP3 with latest updates, im using latest Comodo (Downloaded before 10 minutes).

Experts look at this, this is realy disapointing results.
Comodo canot pass even 10% of leak tests.
http://img223.imageshack.us/img223/3765/leakt.jpg

NOTICE: My WinXP are fully tweaked, i disable NULL SESSIONS, Autorun, and some services :
Look at this, maybe i disable something i shouldnt, best would be if some comodo admin comes here and helps me…

Aplication management,

Computer browser
DHCP Client
Error reporting service
Fast user swithing compatability
HID input service
Java Quick starter
Server
TCP/IP Netbios helper
Net meeting
Security accounts manager
Smart card
Task Schudler
Secondary logon
Print spooler
System restore service
Performance logs and alerts
Telephony

Thank you !

fazio93 · April 23, 2009, 10:26pm

Welcome.

Go to Miscellaneous > Manage My Config > Select > Proactive Security. This is a higher security setting and more alerts will be generated.

Now run the leak test again and block all the alerts from it.

who_te_fuc · April 23, 2009, 10:31pm

Y…

And you can also if you like check kyle’s manual of how to MANUALLY set CIS to something PROACTIVE a-like… =)

D+:
https://forums.comodo.com/defense_guides/setting_up_defense_for_maximum_security-t30473.0.html

Firewall:
https://forums.comodo.com/firewall_guides/setting_up_firewall_for_maximum_security-t30535.0.html

OutstandingCoder · April 23, 2009, 10:35pm

After install, before i connect to internet i am fully configure my firewall, ports and router.
And you are talking about this ? http://img504.imageshack.us/img504/4595/misc.jpg
It is proactive.

fazio93 · April 23, 2009, 10:38pm

Hmm. Go to D+ > Advanced > Monitor Settings > and make sure all those items are selected.

OutstandingCoder · April 23, 2009, 10:51pm

I think i have big problem here, i dont know why i have so much security holes.
Firewall = Custom policy mode alert settings on medium
Defense + = Safe mode with all monitor settings enabled
Image exec [at] normal
I blocked all incoming connections and i stealth my ports to everyone

And another question, can anyone tell me why “Win OS, FORCE to connect to internet trough port 54777.” Look [at] this every second he try to go out
http://img210.imageshack.us/img210/4893/99408285.jpg

Thank you guys for helping me!

OmeletGuy · April 23, 2009, 11:14pm

I have SEEN this before on my PC once:

I was running a Admin Account with out a password i got the same results

So you maybe running a admin or limited user account with out a pass
Make a pasword and you should be fine!!

OutstandingCoder · April 23, 2009, 11:22pm

Yes i have a password , and strong one.
I am not a begginer i am realy educated guy but have problem with comodo leaking test now i have 150 points and most of false are in “Injection:”

riggers · April 24, 2009, 3:04pm

Quick question osc,

Did you have the leaktest application on your pc before installing CIS?

Go to Defence+/Advanced/Computer Security Policy–>Remove all the entries for clt.exe and hit APPLY

Also in Computer Security Policy Double click on the entry %windir%\explorer.exe–>access rights–>Click on “Modify” next to “Run an executable”–>If there is a clt.exe listed in “Allowed applications” highlight then remove it and APPLY to close all windows.

Now run clt.exe again and make sure on every alert you select “Block” and make sure “Remember my answer” isn`t ticked.

Also do you use utorrent(on port 54777) or similar and have recently closed it?
Is your IP 192.168.1.107 assigned statically by you? Try at a cmd prompt IPCONFIG /ALL

Matt

p.s. Almost forgot…Also have a look in Firewall/Advanced/Network security policy/Application rules–>Remove any entry for clt.exe if there is one