Comodo Firewall Test Suite

Comodo put together a bunch of leak methods and put it into one program.
All you do is press test and at the end you get a score out of 340. Even cis itself misses 1 or 2 so don't start saying its rigged yet . I get 280/340 with KIS.

http://www.testmypcsecurity.com/securitytests/firewall_test_suite.html

 

Thanks for the link, it's finally something interesting happened here

Unfortunately, even from a brief look this test appeared to be inconsistent in results.

For example BITS test only checks either BITS job was created, but doesn't check either BITS job was actually executed, telling the test "failed" even in case BITS job failed to be executed.

KnownDlls test also is inconsistent, reporting test is failed in case it could add new entry to the KnownDlls section, though dll creation was blocked.
Other tests, that report "failed" do not provide a proof it really was failed, so all you can do is just to believe or not to believe.

Verdict: test is interesting, but needs to be improved concerning results consistency. At the moment they cannot be regarded as reliable.

PS. Is there any explanation, for example, what duphandles test does and how this can be exploited ? I personally do not see anything wrong with ability to duplicate a hadle. This is not enough to duplicate handle, you need to be able to use it.

More later

 

Primary Response 3.5 Beta stopped it dead in it's tracks

But with PRSC off I only scored 210? I thought with NIS2009 I'd do better? Oh well...

 

Hmmm......330 out of 340......not bad.

 

For explanations on test press the "?" in gui. It explains each test.

 

Hi Guys.

for Comodo Internet Security you need to make sure CIS is in the Configuration of Proactive Security (Right click CIS tray icon>Configuration>COMODO - Proactive Security).

Proactive Security activates full power of Defense+ You can use default configuration installation though if you want to test.

 

Just have a quick question regarding CIS and the PCFlank tests....

Running the "Advanced Port Scanner" tests, I ended up with ports 135 and 139 "Closed" (which according to PCFlank means they are accessible, not stealthed). So, what are my options here.... is this a good thing or an ornery situation Any info is appreciated.... many thanks !!!

 

Now how did you get that high?!

 

Hello Kalkriese

Wrong definition by PCFlank (or possibly your bad interpretation). They are not accessible by any means possible. They only remain as "seen" from the outside. Nothing can access them if they are closed (naturally, as the word "close" implies). If you still have concerns or intentions to make them "stealthed", please start a new thread as this question is far off topic for this thread. Then I and others will help in a more efficient way.

Cheers,

 

OA/EQS combination passes all tests except 2 - ActiveDesktop and DupHandles. Score 320/340. Not sure the result is correct for ActiveDesktop because OA does give a desktop warning and Block is selected.

If anyone interested, EQS with Alycon's rules was sufficient for most tests and was always first to pop-up. Anything missed by EQS was picked up by OA.

With OA protection on it's own, result was the same.

 

Hi,

Thank you, it seems a useful tool

Tested against latest Online Armor (paid) beta version : score 320/340

TF 4 was mute during all the tests

Regards,

MaB

 

Update:
With CLT run as DW untrusted along with EQS and OA, all tests passed and score 340/340.
With CLT set to OA run Safer, ActiveDesktop test still fails. Score 330/340.

Note: No response from Mamutu at all.

 

anyone tried to test comodo IS with this? what is the result?

 

Try Firewall>Stealth my ports to EVERYONE.

100% Pass. Aslong as you are in Proactive Security (One of the 4 Default Configuration options in CIS). The default installation Configuration (Internet Security) should be close to 100%... About 80% or so, I guess people need to test both configurations.

 

OA : 320/340
OA Run Safer : 330/340
Mamutu : 60/340
DW : 260/340
EQS : 260/340

OA + EQS + DW : 340/340

 

Avira PE premium won't even let download the test file!
(Heuristics set "high")

http://i115.photobucket.com/albums/n297/penfro/Clipboard01-11.jpg

 

this is not security, this is joke

 

Excuse me, but unless your post was a joke, what exactly is a joke to you?
Every decent AV will flag such tests as malware. And properly if I may say so.

 

its true.
but this dont show us antivir passed test

if rogervernon believe antivir pass test, this is joke
i think rogervernon believe.

 

Ah, if that was your point, than OK. I was thinking that you reffered that these test should not be flagged at all. My bad.

But I believe roger was just kidding us...

Cheers,

 

Not really kidding you!
Just a comment, that set on high heuristics, my AV flags the tests as suspicious.
It is then up to the user to decide whether to allow the content or not.
There is no comment (yet) from me about the results of the tests themselves.

 

Did the test with PC Tools Firewall 5.0 Beta and only scored 110 out of 340 and that's really bad and very disappointing!
Anyone else?

2nd test: PC Tools firewall OFF and Windows Firewall ON: 110/340 .......?
3rd test: No Firewall at all ON: 110/340 ........??

I kind of feel fooled an awful lot! Somebody may explain this to me.

 

This means, that all these programs should be needed to be 100% closed/secure and I would say......it's crazy to have all this installed.
It amazes me or the test means just nothing?

 

Installed Look 'n' stop 2.06 firewall (standard config and blocked "clt.exe" and score: 130/340 !!

I thought that Look 'n' Stop should be one of the 'better' firewalls?

So....someone tell me...what's the use having a software firewall installed if they don't make any difference in this score?
Or am I doing something wrong?

 

Big Apple,

I simply find it hard to put this... without being flamed by Comodo and OA fanboys...
Look'n'Stop is a way better firewall than both mentioned. It just wasn't designed to pass the leaktests, that's all. Why? Because that's not the purpose of a firewall. You see, OA and Comodo are not firewalls - they are suites with a classical HIPS incorporated in them, that's why they pass the tests. Throwing those leaktests against Look'n'Stop is just an unfair thing to do - it would be the same as to ask from a laundry machine to do your dishes. If you wish Look'n'Stop to pass leaktests, add a HIPS, say RealTimeDefender, to it. Now it can be compared to Comodo in a fair way.

Cheers,