LeakTest 1.2 not blocked

Can someone please tell me how to setup CPF to pass the LeakTest from GRC | LeakTest -- Firewall Leakage Tester   ?
I renamed leaktest.exe to firefox.exe and put it into the Firefox directory. Firefox is a trusted application, but CPF does not recognize any change in firefox.exe and so the leaktest fails.

I studied the manual and searched this forum, but to no vail. Help :slight_smile:

PS: Right after I pressed “Save” here I found this thread. D’oh! I must have used different wording when searching.

If GRC’s leaktester was already on your PC when CFP was installed and you have run the firewall in SAFE mode, then all apps that were installed before the firewall are considered safe and won’t produce reports.

Ewen :slight_smile:

I downloaded leaktest today and the firewall runs in custom mode. While doing the test with Firefox I
renamed firefox.exe to firefox3.exe. When I run firefox3.exe I get this message: see attachment

Shouldn’t CPF know the firefox.exe and even noticed I renamed it myself - according to what is written
in the thread mentioned above.

Gary

[attachment deleted by admin]

maybe u have to protect your firefox folder from any change?

I had a similar problem and resolved it (though I’m not sure how I did it). See my thread at

[i][b]https://forums.comodo.com/leak_testingattacksvulnerability_research/grc_leak_test-t26652.0.html;msg194179[/b][/i]

It may help.

Hi,
Same for me I downloaded some days ago GRC’s leaktester, i rename leaktest.exe to firefox.exe (firefox is not a trusted application for me) and leaktest fails (defense run in paranoid mode & firewall custom policy).
I was surprised and after a search i found the link of your first post and i’ve tried :

It’s work :slight_smile:

PS : Why i don’t see leaktest.exe in Defense±> Computer security policy ??? (remember my answer)

Xw =)

I think alot of you are misunderstand the test. It is a Firewall test. Not a HIPS test. The screen shots are showing D+ alerts not firewall alerts. I have run the GRC test well over 100 times and renamed it everything in the book and Comodo Firewall blocks it. Yes I said firewall not Comodo HIPS.

I know Vettetech :), I pass GRC test.
To run leaktest.exe you need to allow it (D+), then you can do the firewall test (Comod blocks it).
But Leaktest.exe should be “displayed” in D+=> computer security policy ?

Ty

Was the alert you got explorer.exe wants to run leaktest.exe?
If so have a look under Defence+/Advanced/Computer Security Policy/Highlight the entry %windir%\explorer.exe and choose “Edit”/Now click “Access Rights”/Now “Modify” next to Run an executable.
Here you will find the list of executables which explorer has run and been asked to save.

Matty

It’s what I was looking for!
ty a lot Matty_R :slight_smile:

Xw
ps: Solved for me

V3 does not have hash functions.
So if you rename a app to firefox what V3 sets as a trust app and place in the same fold.
That app will get the same right as firefox.

Hey pastport.

Wait a minute . . . wait a minute . . .

If Comodo does not have the ability to recognize a name change on an app as potentially malicious, then it has a simple vulnerability to malware that changes an app name to gain access to the system.

I can’t imagine that’s correct, so I must be missing something here. Either I misunderstood what you were saying or I’m just flat out wrong.

'Splain it to me.

TIA

That will depend you rule.
When a unknow app or app without correct fd rule want to modify a file in my protected files list,V3 will pop a alter.
But if a app you trust it, then use it to replace a app with another one which has the same name.V3 will not pop a alter.
V3 will not check if a app has been changed.

What do you mean “correct”? Can you give an example of correct and incorrect???

Just mean allowable