Leak test results failure [CLOSED]

Learn about Computer Security Leak Testing/Attacks/Vulnerability Research
#1

These are my results with the firewall set to custom policy mode and D+ set to clean pc mode. Configuration is set to firewall security and the rest of the settings are at default.

COMODO Leaktests v.1.1.0.3

Date 01:01:18 - 12/6/2008

OS Windows XP SP3 build 2600

  1. RootkitInstallation: MissingDriverLoad Protected
  2. RootkitInstallation: LoadAndCallImage Vulnerable
  3. RootkitInstallation: DriverSupersede Vulnerable
  4. RootkitInstallation: ChangeDrvPath Vulnerable
  5. Invasion: Runner Protected
  6. Invasion: RawDisk Vulnerable
  7. Invasion: PhysicalMemory Vulnerable
  8. Invasion: FileDrop Vulnerable
  9. Invasion: DebugControl Vulnerable
  10. Injection: SetWinEventHook Vulnerable
  11. Injection: SetWindowsHookEx Vulnerable
  12. Injection: SetThreadContext Vulnerable
  13. Injection: Services Vulnerable
  14. Injection: ProcessInject Vulnerable
  15. Injection: KnownDlls Vulnerable
  16. Injection: DupHandles Vulnerable
  17. Injection: CreateRemoteThread Vulnerable
  18. Injection: APC dll injection Vulnerable
  19. Injection: AdvancedProcessTermination Vulnerable
  20. InfoSend: ICMP Test Protected
  21. InfoSend: DNS Test Protected
  22. Impersonation: OLE automation Vulnerable
  23. Impersonation: ExplorerAsParent Vulnerable
  24. Impersonation: DDE Vulnerable
  25. Impersonation: Coat Protected
  26. Impersonation: BITS Vulnerable
  27. Hijacking: WinlogonNotify Vulnerable
  28. Hijacking: Userinit Vulnerable
  29. Hijacking: UIHost Vulnerable
  30. Hijacking: SupersedeServiceDll Vulnerable
  31. Hijacking: StartupPrograms Vulnerable
  32. Hijacking: ChangeDebuggerPath Vulnerable
  33. Hijacking: AppinitDlls Vulnerable
  34. Hijacking: ActiveDesktop Vulnerable

Score 50/340

(C) COMODO 2008

Even when I set config to proactive I still get less than 100/340. Can anybody tell me what am I doing wrong?

#2

Did you have the leak test on your PC before you set CIS to Clean PC Mode?

Clean PC Mode:

“From the time you set the slider to ‘Clean PC Mode’, Defense+ will learn the activities of the applications currently installed on the computer while all new executables introduced to the system are monitored and controlled. This patent-pending mode of operation is the recommended option on a new computer or one that the user knows to be clean of malware and other threats. From this point onwards Defense+ will alert the user whenever a new, unrecognized application is being installed. In this mode, the files in ‘My Pending Files’ are excluded from being considered as clean and are monitored and controlled.”

Try paranoid mode.

#3

Thanks .FaZio93. for your response.

Yes, I had the leak test run on my pc before I set CIS to Clean PC Mode; I had D+ disabled the first time I ran the leak test. Does that interfere with the results 2nd time around and if so, what can I do to correct the problem? Thanks again.

#4

You need to switch to Proactive Security Configuration, via right click tray icon & choose Configuration.

Cheers,
Josh

#5

Thanks .FaZio93. and 3xist.

Problem solved. Score 340/340.

#6

Cheers zen!

I will close this one, PM any online mod if you want this thread reopened. :slight_smile:

Cheers,
Josh