Programms with "Stolen Rights" can go Online in Comodo v3 with aktivatet Defense

Learn about Computer Security Leak Testing/Attacks/Vulnerability Research
#1

Hello , first of all, sorry for my Bad English

I have read in the New “PC-Welt” (A German Computer Newspaper) a new Firewall Test.

The Comodo Firewall v3 and Zone Alarm Free v7 was tested also.

The PC-Welt Crew have bypassed the Comodo Firewall with a verry old Trick. They have stolen the Access Rights from a Allowed Programm (for example IE) and go with a New Application with the stolen rights online.

The same Test with ZoneAlarm was NOT succsessfull…ZoneAlarm have Blocked this Attemp.

Another Test was bypass the Firewalls with a Trojan. 8 from 10 Atempts was blocked by Comodo, 2 Trojans have succsessfull bypass the Firewall. ZoneAlarm has blocked all 10 Trojans.

How exactly and wich Techniks the PC-Welt Crew use, they dont have written.
Everyone who interesting the Artikel it stand in “PC-Welt 05/08 Site 82 - 90” Language is German.

In all Tests the Defense+ System was aktivatet

There was teted 7 PFWs only 2 was Reconommed…First Place ZoneAlarm, Second Place Comodo v3.

I knew, with the “Original Installed Options” the Option “Do Protokoll Analysis” is disabled and i have enabled it, like in Comodo 2.4. I have also enabled “Monitor other NDIS Protokolls like TCP/IP”.

my Question is, why is “Do Protokoll Analysis” “off” by default, and i hope that Comodo Fix this Problem with “Stolen Rights”…i was alittle suprised, because the Trick with “Stolen Rigths” is not the newest…

mfg Frogshock

#2

Could you, please, give the link from where you read this?
Thanks.

#3

It’s a pitty that no facts were provided by “crew”:

How exactly and wich Techniks the PC-Welt Crew use, they dont have written.

For me it looks like 2 possibilities: either PC-Welt crew… let’s say… overstated their findings…
or they really found a way to bypass CFP but not giving exact information with aim to charge Comodo for details ;D

#4

I wouldn’t trust it too much if they don’t give details on which methods/trojans they used in the tests.

Cheers,
Ragwing

#5

I am sure they would inform us as a responsible publishing house as i have no doubt they have many Comodo users and they wouldn’t want them to suffer as a result.

We haven’t heard anything from them about this.

We look forward to receiving the info if they have any.

thanks
Melih

#6

Dont take them seriously unless they publish their results and test tools. ZoneAlarm can not compete with CFP 3 in terms of malware behavior detection and blocking.

Egemen

#7

G’day,

Can you please post a link to the article in PC-Welt. The only reference I can find on thier site is

http://www.pcwelt.de/index.cfm?action=sitesearch&query=Comodo&pid=930

which is a simple download page.

Cheers,
Ewen :slight_smile:

#8

Hi Frogshock, Can u post a link.

I find only this so far.

http://www.pcwelt.de/start/sicherheit/firewall/tests/63996/fuenf_kostenlose_firewalls_im_test/index.html

#9

Maybe it is not on the website yet, he did say that he read it in a newspaper.

#10

Hi, found it …, copyrighted article, €0.45, credit cards accepted, I didn’t buy or read it, though …

http://www.pcwelt.de/index.cfm?pid=5&op=l&j=2008&m=5#
Internet & Sicherheit: Alles über Firewalls "2008/05: PC sicher abschotten S. 82 - 90 ,45 Euro