OK . . . lemme see if I can 'splain this in an organized fashion so that you can understand what I did, and then I’ll attach that config report . . . ACTUALLY I’VE ATTACHED TWO, and I’ll explain why I did that in a minute.
Step 1: In Comodo in Network Security Policy, I removed “E:\Downloads\Downloads Completed\Leak Test.exe” and “E:\Downloads\Downloads Completed\explorer.exe”. Both of these entries were from a previous tests I had done where I had gotten the alert and told it to block and remember (the explorer.exe was what I renamed Leak Test.exe in a second test). I removed them because I wanted to get the alert, just to see if it would do it. And I thought that if the blocking remained then it would block but I wouldn’t get an alert, which I confirmed with another test later.
Step 2: I ran the GRC Leak Test, got the Firewall alert, and told it to block and remember, and Leak Test announced that Comodo had passed.
Step 3: I renamed Leak Test.exe to explorer.exe and ran the GRC leak test again. And again I got the alert, and again I responded with block and remember, and Leak Test announced that Comodo had passed.
Step 4: Just to verify that I wasn’t getting a “false positive” on the passing, I ran the Leak Tests again only this time I checked “allow” and Leak Test announced that my firewall had been “penetrated”, i.e. failed.
END OF TESTS
I can duplicate these circumstances and tests and post screenshots if that would help, but I think the config reports will show you what I did.
The reason I’ve attached two config reports is to show you how it was BEFORE I removed the Leak Test entries from Network Security Policy (CFP_Report before removing leak tests.txt) and AFTER (CFP_Report AFTER removing leak tests.txt), as stated in Step 1. As you can see, there are 26 Network Security Policies before, and 24 after removal of the two leak tests (the second being the renamed . . . explorer.exe . . . one).
Thanks for all your help (nice script by the way . . . my compliments), and my suspicion is that I have this all wrong. Am reading through the manual (RTFM), but it’s for version 2 and as I understand it hasn’t been updated for version 3. I have noticed that the screenshots in the manual are VERY different from version 3. Version 3 must have been a considerable overhaul of the GUI.
Nevertheless, I’m assuming the principles discussed in the manual are the same for version 3.
THANKS again!!!
Oh . . . and one more thing. I DIDN’T change any other settings in this exercise.
[attachment deleted by admin]