hello everybody
Unfortunately NIS2011 fails PC Flank Leak test on my PC !! ( Win7 x86 fully updated , NIS2011 updated , all default settings ) , I gave NIS2011 a second chance so I set it up with all the power ( aggressive in all three heuristic options , APC is turned off and AEM turned on…) and still didn’t pass the test !!
And just to make sure that nothing is wrong with my PC , I made a fresh NIS2011 installation on my virtual machine (free x86 Oracle VirtualBox ) with windows 7 x86 freshly installed …
I got NIS2011 installed with all default settings except APC is turned off and AEM turned on
I started the PC Flank Leak test …
and then I manually started the internet explorer in this step to eliminate false positives as recommended in this message…
I got this message when opening internet explorer manually ( test didn’t start yet )
of course , you have to allow this to start the test …
And when I started entering the test data I got this message …
I blocked it as u can see …
And then I typed the test data ( testing !! )
and the results , a big fail message !
And my test data is on PCFlank server !!
Please note that this is a fresh new NIS2011 installation with all default settings except APC is turned off and AEM turned on
be aware that The (pass) or (fail) messages are decided if the leaktest gains control of your Internet Explorer browser through OLE, not if data is/isn’t transmitted. I tried that though and I can confirm that The test is reliable, but its output is ambiguous, cause it’s supposed to say ( your firewall is leaky but the internet connection is disconnected ) when u r offline, but it doesn’t ! , so PC Flank needs to fix this part…
But when you go online u will see the test data that u just provided leaked to their server !! , which is a big fail for NIS2011 no doubt…
then I made the following test by comodo firewall
I disabled the NIS2011 firewall only , and I got comodo firewall installed ( with proactive defense configurations ) on my virtualbox win7…
1- started IE manually
2- started PC Flank leak test ( comodo popped up a message that it’s a malicious software ! But I ignored this alert with the once option )
3- I typed the test data ( comodo didn’t detect the keylogger activity like NIS did ! )
4- I pressed next , and voila ! , comodo caught it ! , a message popped up saying :
( PCFlankLeaktest.exe is trying to access a protected com Interface InternetExplorer.Application.1. If PCFlankLeaktest.exe is one of your everyday applications , you can allow this request.)
I blocked it and the result
( your firewall has passed the test ) … :-TU
keep up the good work comodo !
I was an old fan of comodo firewall and i never knew that the comodo antivirus just got better in the last 2 years
so I uninstalled the NIS2011 to test the CIS2011 on my machine and I hope It will be as strong as the award winning comodo firewall …
I posted these results on Norton community forums and they insist that everything is just running as it’s supposed to be !! saying that If there were a malicious payload abusing this technique, Norton should block it!!..
I replied that the rationale behind the leak tests is painfully simple: “If this test can get past your computer’s security defenses, then so can a hacker.”
I still think that NIS2011 is a very good program but I’m pretty sure that it needs improvements on this kind of OLE leak techniques…
and I guess if just comodo got much better on malware removals rates , it will be the best ever
so keep working comodo! and you will reach the top soon !