Why does comodo fail this leak test?

You've completely and utterly missed the point! Comodo gave me no alert what so ever And I had it set up perfectly.

As for PC flank leak test being a hips test their website clearly states it's a firewall test.

And just so it sinks in. Comodo gave me no firewall alert!

 

They can say whatever they want about the test, OLE automation is done locally between processes.
It's as much of a firewall test as matousec is a firewall testing site.

In any case, it's something on your end, Comodo is clearly blocking/intercepting OLE automation, as per screenshots posted.

 

It was a fresh install of windows 7 and comodo. Anyway I'm no longer concerned about comodo failing the leak test I've switched back to oa

 

Not everything that is written on a site is the truth.

It's a matter of configuration of your security setup. For you Comodo allowed it, for me it stopped it. It's the same program, but configured in different ways.

 

@Breakfastofchumps, OA also gives HIPS alert, it is not a firewall alert. They explained well.

 

Emsisoft Anti-Malware pops up, brands the download as malicious and stops it in its tracks (unless you override the admonition to quarantine).

 

Purchase a router and dont worry so much about "tests".

Worry about things that matter in life,dont make things so difficult.

 

Great answer.

 

This is more of a leak test and pure firewalls will simply fail this test unless combined with HIPS.

So when exploits let's say taking advantage of your browser's vulnerabilities will execute codes that will return a command shell to the hacker or that will download malware like trojans and rootkits or keyloggers which will capture any keystrokes and will phone away passwords etc, those "Firewalls" with Application Control may be able to catch that malware from phoning home or that cmd shell trying to connect out but if these malware codes will do code injections on trusted processes which is whitelisted on your firewall rules. It's game over. Routers will not save you from those situations.

HIPS and application firewalls can be configured to catch such unwanted behaviours like dll injections, process modifications, etc, which a malware code might do. And if your Comodo fails this test, it means you haven't configured it properly to catch remote COM calls on which your OA have been configured conveniently to alert you of such unwanted action.

If you don't do much online banking, no trade or company secrets to guard and do regular back ups, yes, router and AV will suffice.

Edit:
Persons who don't want an AV or a very obtrusive HIPS will find a likewise stronger protections from Sandboxing and/or NoScript and other whitelisting layers such as LUA-SRP/Applocker/AE barring those very rare memory only malwares and other advanced threats used in targeted attacks. If it can't execute in the first place, it can't do those above code injections and other malicious actions.

 

Through this thread, I was introduced to the website PC Flank. After running a few tests, though, I question the test results produced by the site. For example, I ran the Advanced Port Scanner and the following 4 ports were reported as being closed, not stealthed: 135, 137,138, 139.

To verify these results, I went to Steve Gibson's ShieldsUP! website and tested these 4 specific ports via Gibson's User Specified Custom Port Probe. Gibson reported all 4 ports as having a status of "Stealth". I have complete trust in Gibson's test results, since Steve Gibson does not promote any computer software/hardware. PC Flank, on the other hand, prominently promotes and recommends the Outpost Pro Firewall product.

p.s. Regarding Breakfastforchumps' question, I too have the Comodo Firewall and Comodo correctly flagged the downloaded PCFlanktest executable as a malicious item.

 

Both great software but Comodo requires more tinkering for better results
Still i prefer OA (Who smells fanboyism )

 

I think you failed in that test because you made PCFlankLeaktest.exe, trusted file in comodo

If you enable Sandbox in comodo and execute one file , that file gone to sandbox and can't do anything
But if you choose Don't isolate it again , That file gone to Trusted Files in comodo Defense+
And you give some access to that file
For that reason you failed in that test

First You must check that PCFlankLeaktest.exe is not trusted file in comodo Defense+
Move it to Unrecognized Files
And test again
You can see even if you don't get any alarm, you will pass that test

 

well actually the steve gibson site does promote software.its zonealarm firewall.
i think its a case of which company pays the most cash for a positive result and this is how i beleive matousec operates as well.if you pay them enough they will pass your firewall.

 

There are a number of current threads in the firewall section about Comodo Firewall, but in the posts reference is being made to the Sandbox and Defense Plus settings. This may be confusing some that aren't (sadly) familiar with Comodo programs.

Defense+ and the Sandbox are not part of Comodo Firewall, but are included with the firewall and AV in Comodo Internet Security. I'm sure almost everyone knows this, but just wanted to clarify for those that may not.

 

sandbox level: partially limited

 

You REALLY should change D+ to either Restricted or Untrusted.

 

If you mean me I always set D+ to Untrusted

 

Not you dear Sir. I noticed A25 had hers (his) on Partially limited in the post above and got a bit concerned. Not much difference between Restricted and Untrusted, but as I guess you know already there is a world of difference between Partially Limited and everything else.

 

XP Pro SP3 32bit

partially limited --> popup an alert window
limited --> popup an alert window
restricted --> block automatically
untrusted --> block automatically


---------------------
The enhanced protection mode must be enabled for X64 system.

 

Chrome passes also

 

I tried every test they offer. All fail, in multiple ways.

I have no firewall, no AV, no HIPS. Just windows 7 without UAC and chrome/sandboxie. And some applied common sense. Well, maybe a lot of tweaks to the OS helps too

Sul.

 

Ahh my mistake sorry

 

Go Chrome

 

I dont put a lot of faith in these "test sites"
if you look on their site it clearly advocates you use outpost firewall everywhere so no doubt they are getting "donations" from agnitum.
Shields up is the same.Zonealarm plastered everywhere,
Comodo leak test.its strange that comodo always does well and others not so well.
Its clearly obvious to me that their is some company funding going on here.
Matousec is another culprit..the list could go on.
Its misleading to say the least.i personally dont trust any of these "test sites"
Regards.

 

Steve Gibson's website (ShieldsUP, etc) has been around for years and really doesn't promote any product. Where did you see ZoneAlarm advertised on the site? I certainly didn't see anything.