Comodo Firewall Test Suite (i got a low result?) kaspersky and MBAB installed

Comodo Firewall Test Suite (i got a low result?)

kasperky and MBAB installed

When i ran the test i wasn't sure what to block or allow

but I'm getting a poor score?

Am i to worry?

 

I cannot extract the CLT arhive, AVIRA block's it..
So i gues i have the highes't score hahahaha

 

to use CLT u must make an exclusion for it by your antivirus, then run it outside any sandbox.

 

Not worth wasting the time. Nonsensical leak test, Matousec-style.

 

MBAM wont do anything for you on these tests, they are designed to test HIPS functions essentially with some firewall functionality too, not your signature based protection. If Avira blocks CLT it is a False Positive or an attempt by them to block users from seeing how badly their product performs on this one but then again it is not a product like Avira's job to block these tests so not really relevant to them.

Kaspersky scores well if you set all the Application Control categories to Ask and disable automatic decisions.

Your real issue is 'i wasn't sure what to block or allow' which indicates you should not rely on classical HIPS type software as they are only as safe as the person answering the prompt. So, again CLT is of no use to you.

These tests are indicative, nothing else, many feel even pointless but if you feel you need to score well here without the prompts you don't know how to answer something like Defensewall may be better for you.

Cheers

 

It's a HIPS test,so why do you call it nonsense?And if you have arguments for your answer,please enlight us.

 

U must run kaspersky on "interactive mode"
And also set unknown program as untrusted

Just say no to all hips pop up
You'll get much higher score (almot perfect )

And finally

U can add other hips such as spyshelter to achieve a perfect score

Regardless the test suite value, achieving 100% score is fun

 

Enough arguments about Matousec-style testing have been said, will not repeat them. Just use the search function. And as already said here, if the user cannot answer the prompts properly, any HIPS and the test is useless for him.

 

Yes,you are right about this part.

 

Just placing CLT.exe to Low Restricted should be enough for scroring 320 (KIS protects against KnownDLLs, but CLT uses it with MS-signed files which are whitelisted so it shows as "failed"). With some modification of settings it's possible to get 330.

When running the test, you should block all of the test's actions (aswell as the actions of the many Internet Explorers which the test launches).

Some malware does use some of the methods which this test uses, so for a HIPS it's good to be able to block CLT's actions.

 

The only problem is that the user tells the HIPS to block/alow something and usually the user is buged as a normal user doesn t know what trigers what and why

You mostly block yourself from using your own hardware/software properly.

 

Exactly why you don't give a HIPS to an average user, but for those who know how to use HIPSes properly they're very powerful for blocking malware.

For the one who opened the topic, I'd recommend enabling Automatic Mode if you don't know how to answer the pop-ups.