I have recently set up my system and settled down with Windows XP Pro SPII running, Comodo Firewall 2.3.6.81, Prevx 1 2.0.5 Build 6 and NOD32 all maintained up to date.
The next phase is to check the protection being provided by these layers, and to learn of any conflict of interest or real need to maintain e.g. two programs giving AV protection. At the moment this is a legacy situation because NOD32 has been used for a long period and is still in its paid-for maintenance period. NOD32 has functioned faultlessly and is very regularly automatically updated by Eset.
Having carried out the tests recommended on various forums, all passed with flying colours, my interest in computer security has increased. Searches for alternative tests found:
I have searched for users' comments regarding this test software but have drawn a blank; if anyone here can point to any such reports it will be very helpful.
The results leave what appears to be a need to close up a few holes in the protection, this is said advisedly because there is always the danger of marketing ploys or other reasons that may be open to interpretation. In the first case there is more than a strong suggestion that a Free [to try when the chips are down] download is taken advantage of because the current AV protection has failings. The test indicated that two files would be used for differing purposes. As can be seen from the attached screenshots Prevx 1 and NOD32 both identified an offending file and these seem to be different files. So if the two files were identified and acted upon, is there something adrift with the PC Security Test Result page? If the two files are correctly identified, and different, it appears that there is a need to maintain the present two pronged set up.
Comodo Firewall may be able to help in the following area; the events do not lend themselves to screenshots and would require lengthy description. Perhaps best approached by a knowledgeable user with experience of this program. This test program is able to perform several further tests and in particular the set from its “Proof Mode” link gives the impression of being wide open to all sorts of possibilities, despite the fact that it reports that protection against hacking is good. This has to be tempered with the knowledge that the program is there by invitation and the acts performed could be part of that software function. Not being tech savvy enough to determine the real overall value of this test I would welcome any input. If there is a list of known “questionable” software, of this type, please direct me to it.
First question, how come when I clicked OK to end the initial running of the program, it opened a browser page so I could buy their anti virus? I didn’t ask it to do this. Strange behaviour for an app that is trying to invoke trust.
When I started the AV test, CAVS2 immediately picked up the exe the test was trying to invoke. Although I blocked it, the test reported that it was still running its tests waiting for a response from the security software. The test couldn’t detect that its own software module had been killed.
When I started the hacker test, CPF reported the attempted outbound access and I blocked it. Despite external access being denied, the test sat waiting for a response from my security software.
2 out of 2 and their software didn’t appear to be clever enough to detect when things weren’t running the way they expected it to.
IMHO, I would place too much trust on this test suite. Others with more horsepower under their hairline may care to retest and prove me wrong, but two primary failures and a dislike of forced marketing lead me to dump this, post haste.
I experienced the same behavior exactly as panic. One other thing I caught was that after closing the program completely the firewall caught it trying to connect out port 80 on its own.
Many thanks panic and jasper2408 for your input, you have confirmed my gut feelings about this site and I certainly will not be making a return visit.
Your time and effort is very much appreciated and I hope it will help others to avoid trekking down the same path and perhaps getting unnecessarily concerned.
Perhaps my question, assuming I am not alone in desiring to verify protection, regarding testing should have been "Is there a list of Recommended Test Sites?"
Neither of these produce their own anti virus or security products so they should not be slanted one way or the other towards a particular firewall. Matousec is an advanced network security analysis firm and firewallleaktester.com has what is probably the most comprehensive collection of firewall leak testing utilities freely available.
They are both a good starting point.
One small point, you may read on the Matousec web site that they do not feel that CPF (and all other Windows-based firewalls) provides an adequate level of protection. The results of their testing cannot be disputed, but their opinion that no firewall is good enough, IMHO, just doesn’t wash.
This is just my opinion, please form your own, based on reading the Matousec site info and the postings (both for and against) on this and other forums. Ultimately it comes down to personal choice based on knowledge and nothing beats knowledge.
I accept that the folk at pc-st.com site have to survive and “advertise” to do so, but simply knock uninvited items straight into touch.
The two sites you mention were my first points of call, due to following the Leak Test threads from CPF Forums. I liked the lack of in your face “sales” presence and you have to dig a little to find out what they are selling.
Perhaps their marketing ploy is to encourage ALL Firewall producers to purchase the Full Test Results they have on offer, although I cannot imagine that the report/s would correct all the “apparent” ills of the respective programs.
My first reaction on reading the item regarding how “poor” CPF was filled me with dismay, following after the glowing Leak Test Results it seemed like a ■■■■ a little below the belt. I can live with the level of protection afforded by CPF, especially combined with my other layers of protection.
It is a tad noisy and warm in my control room now, so the next course of action is to gain better understanding and take control of these programs [sizable learning curve coming up], then consider dropping a layer.
The problem with many of these ‘security tests’ that are tied in with a particular security application is that they are prone to find security holes that a cynic may say are dubiously designed to promote their own software. They often show up failings that aren’t really there in a real world situation.
These can seem alarming to the average person testing their security. Running Comodo PF, NOD32 and PrevX 1 you have a very high level of protection against 99% of the threats you’re likely to actually face during normal surfing.