Leak Test Fail Again - Please help

Comodo Internet Security - CIS Beta Corner - CIS
1

Guys
Here is a strange one and I hope somebody can let me know what is going on. Just allowed CIS to update and rebooted, version is now 4.0.133118.719. Did leak test using the following setup

Config proactive
Sandbox on
D+ paranoid
score 160/340

Config internet security
Sandbox on
D+ paranoid
score 160/340

Config proactive
Sandbox off
D+ paranoid
score 160/340

Config internet security
Sandbox off
D+ paranoid
score 160/340

All the scores are thje same and with the previous version I got 330/340. What the hell happened between the versions??

shadha :THNK

2

Just thought I would try the whole thing again. Did a reboot etc etc and here are the results again

Cofiguration Internet Security Internet Security Proactive Proavtive
Sandbox Enabled Disabled Enabled Disabled
D+ Paranoid Paranoid Paranoid Paranoid
Score 160/340 160/340 160/340 160/340

Hope someone can help cause I want to get 340/340
shadha

3

Windows XP, CIS 4.0.133118.719, sandbox disabled.

Internet security: 320/340
21. InfoSend: DNS Test Vulnerable
25. Impersonation: Coat Vulnerable

Proactive security: 330/340
25. Impersonation: Coat Vulnerable

4

Windows XP Pro SP3, CIS 4.0.133118.719 RC 2, Sandbox disabled.

Proactive Security:
CFP Safe Mode
D+ Safe Mode
Sandbox Disabled
CAV Safe Mode
Score 340/340

Report Attached:

[attachment deleted by admin]

5

Tested again, Safe Mode (FW/D+), sandbox disabled:

Internet security: 320/340
21. InfoSend: DNS Test Vulnerable
25. Impersonation: Coat Vulnerable

Proactive security: 340/340 :slight_smile:

6

Alright guys
time to stop screwing with my brain. it isnt real big what I’ve got I want to have normal. I uninstalled CIS latest version and reinstalled and here are the results

Cofiguration Proavtive
Sandbox Diabled
D+ Paranoid
Score 340/340

Just what I wanted, now the $6,000,000 question, why?
shadha

7

LeakTests is fooled by the sandboxing feature. Check out this thread for more on the subject.

8

yea but sandbox is disabled.
shadha

9

retest: cis 4.0.133118.719

profile: proactive security
d+: safe mode
fw: safe mode
sandbox: off

clt: 340/340 :slight_smile:

i have one question to comodo: why exists in cis 3 or more profiles like internet security ,firewall security ,proactive security ?

proactive security profile is the strongest of all ,why is this profile not the only one?

10

could anyone pleeeeeeease explain why yesterday i got 340/340 and today 150/340 without changing anything. i tried rebooting but still the same. tried safe mode, internet security etc etc but still the same. please see below and btw my os is windows 7 not vista.

the Date 6:02:28 PM - 23/02/2010
OS Windows Vista SP0 build 7600

  1. RootkitInstallation: MissingDriverLoad Protected
  2. RootkitInstallation: LoadAndCallImage Protected
  3. RootkitInstallation: DriverSupersede Protected
  4. RootkitInstallation: ChangeDrvPath Vulnerable
  5. Invasion: Runner Vulnerable
  6. Invasion: RawDisk Vulnerable
  7. Invasion: PhysicalMemory Protected
  8. Invasion: FileDrop Vulnerable
  9. Invasion: DebugControl Protected
  10. Injection: SetWinEventHook Vulnerable
  11. Injection: SetWindowsHookEx Vulnerable
  12. Injection: SetThreadContext Vulnerable
  13. Injection: Services Vulnerable
  14. Injection: ProcessInject Protected
  15. Injection: KnownDlls Vulnerable
  16. Injection: DupHandles Protected
  17. Injection: CreateRemoteThread Protected
  18. Injection: APC dll injection Vulnerable
  19. Injection: AdvancedProcessTermination Vulnerable
  20. InfoSend: ICMP Test Protected
  21. InfoSend: DNS Test Vulnerable
  22. Impersonation: OLE automation Protected
  23. Impersonation: ExplorerAsParent Protected
  24. Impersonation: DDE Vulnerable
  25. Impersonation: Coat Vulnerable
  26. Impersonation: BITS Vulnerable
  27. Hijacking: WinlogonNotify Protected
  28. Hijacking: Userinit Vulnerable
  29. Hijacking: UIHost Protected
  30. Hijacking: SupersedeServiceDll Vulnerable
  31. Hijacking: StartupPrograms Vulnerable
  32. Hijacking: ChangeDebuggerPath Protected
  33. Hijacking: AppinitDlls Vulnerable
  34. Hijacking: ActiveDesktop Protected
    Score 150/340

shadha >:(

11

well turned of my laptop last night after getting that dismal result and turned it on this morning. Tried the leak test again and guess what, i got a perfect score again. Perhaps the devs could look at why one day all is ok and the next it isnt and I never touched a single setting.
shadha ;D

12

Hey guys
this is becoming very strange, since my last post when i got a perfect score i turned my laptop off and have just turned it on again after about 3 hours. I tried the leak test again and i got a 170/340.
does any body have any answers. i almost seems like an intermittant fault. also is there anybody having the same problem
shadha :THNK

13

Well guys its been about 11 hours since my last post and just started my laptop again. just tried leak test again and failed miserably with a 170/340. has anyone got any ideas of what is happening cause i am at a total loss.

Hey Panic you’re a pretty smart cookie, can you shed any light on this.

shadha :THNK

14

Sorry, but mine’s consistent at 330/340 (fail=COAT).

I assume you’re using the same user logon each time. ???

Ewen :slight_smile:

15

Hey guys looky here in the help:

“COMODO - Proactive Security - This configuration turns CIS into the ultimate protection machine. All possible protections are activated and all critical COM interfaces and files are protected. During the setup, if only Comodo Firewall installation option is selected, the next screen allows users to select this configuration as default CIS configuration. If selected, Firewall is always set to Safe mode. But according to the malware scanning results performed during the setup process, if no malware is found, Defense+ is set to Clean PC mode. Otherwise, the default is Safe mode.

Isn’t this what we’re looking for?

Although hmmm…

16

Ok here is the lastest update. i uninstalled, rebooted, re installed, rebooted and set to proactive, sandbox to disabled, D+ to paranoid, FW to safe and av to stateful and got 340/340.

I will keep you all posted and let you know tomorrow morning if there is another fail.
shadha

17

Well as I said, I would give you an update. After leaving my laptop off for the night and starting it again i did the test again and got a 340/340. All went well after the last uninstall and reinstall. I will keep you posted.
shadha :slight_smile:

18

here is hopefully my last response to this article, after another night all went well this morning and got a perfect score again. Perhaps if others have this type pf problem then they can try what I did.
shadha ;D

19

Alright here we go again. This time i uninstalled revo uninstaller basic and then installed revo uninstaller pro and that is all I did. Then tried leak test and a complete fail, i bet if i uninsatlled CIS and re installed it again all will be ok. I am going to give this a go again and let you know what happens. I am just wondering if there is some instability that occurs when programs are installed or uninstalled.
shadha

ps
i’ll be back soon

20

Well it was as i expected. after uninstalling and reinstalleng CIS i once more have a perfect score 340/340. Perhaps the devs can have a look at why CIS is losing its settings internally cause the settings via the gui have not changed.
shadha ;D