Comodo Firewall Test Suite

Discussion in 'other firewalls' started by Coolio10, Nov 7, 2008.

Thread Status:
Not open for further replies.
  1. Coolio10

    Coolio10 Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    1,124
    Comodo put together a bunch of leak methods and put it into one program.
    All you do is press test and at the end you get a score out of 340. Even cis itself misses 1 or 2 so don't start saying its rigged yet :). I get 280/340 with KIS.

    http://www.testmypcsecurity.com/securitytests/firewall_test_suite.html

     

    Attached Files:

    • clt.gif
      clt.gif
      File size:
      38.8 KB
      Views:
      3,602
    • clt.jpg
      clt.jpg
      File size:
      31.5 KB
      Views:
      3,602
  2. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    Thanks for the link, it's finally something interesting happened here :)

    Unfortunately, even from a brief look this test appeared to be inconsistent in results.

    For example BITS test only checks either BITS job was created, but doesn't check either BITS job was actually executed, telling the test "failed" even in case BITS job failed to be executed.

    KnownDlls test also is inconsistent, reporting test is failed in case it could add new entry to the KnownDlls section, though dll creation was blocked.
    Other tests, that report "failed" do not provide a proof it really was failed, so all you can do is just to believe or not to believe.

    Verdict: test is interesting, but needs to be improved concerning results consistency. At the moment they cannot be regarded as reliable.

    PS. Is there any explanation, for example, what duphandles test does and how this can be exploited ? I personally do not see anything wrong with ability to duplicate a hadle. This is not enough to duplicate handle, you need to be able to use it.

    More later :)
     
    Last edited: Nov 7, 2008
  3. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    Primary Response 3.5 Beta stopped it dead in it's tracks :)

    But with PRSC off I only scored 210? I thought with NIS2009 I'd do better? Oh well...
     
  4. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Hmmm......330 out of 340......not bad. :D
     

    Attached Files:

  5. Coolio10

    Coolio10 Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    1,124
    For explanations on test press the "?" in gui. It explains each test.
     
  6. 3xist

    3xist Guest

    Hi Guys.

    for Comodo Internet Security you need to make sure CIS is in the Configuration of Proactive Security (Right click CIS tray icon>Configuration>COMODO - Proactive Security).

    Proactive Security activates full power of Defense+ You can use default configuration installation though if you want to test.
     
  7. Kalkriese

    Kalkriese Registered Member

    Joined:
    Feb 23, 2005
    Posts:
    25
    Just have a quick question regarding CIS and the PCFlank tests....

    Running the "Advanced Port Scanner" tests, I ended up with ports 135 and 139 "Closed" (which according to PCFlank means they are accessible, not stealthed). So, what are my options here.... is this a good thing or an ornery situation o_O Any info is appreciated.... many thanks !!! :D
     
  8. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    Now how did you get that high?!
     
  9. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    Hello Kalkriese

    Wrong definition by PCFlank (or possibly your bad interpretation). They are not accessible by any means possible. They only remain as "seen" from the outside. Nothing can access them if they are closed (naturally, as the word "close" implies). If you still have concerns or intentions to make them "stealthed", please start a new thread as this question is far off topic for this thread. Then I and others will help in a more efficient way.

    Cheers,
     
  10. hammerman

    hammerman Registered Member

    Joined:
    Jul 14, 2007
    Posts:
    283
    Location:
    UK
    OA/EQS combination passes all tests except 2 - ActiveDesktop and DupHandles. Score 320/340. Not sure the result is correct for ActiveDesktop because OA does give a desktop warning and Block is selected.

    If anyone interested, EQS with Alycon's rules was sufficient for most tests and was always first to pop-up. Anything missed by EQS was picked up by OA.

    With OA protection on it's own, result was the same.
     
  11. MaB69

    MaB69 Registered Member

    Joined:
    Dec 9, 2005
    Posts:
    540
    Location:
    Paris
    Hi,

    Thank you, it seems a useful tool

    Tested against latest Online Armor (paid) beta version : score 320/340

    TF 4 was mute during all the tests

    Regards,

    MaB
     
  12. hammerman

    hammerman Registered Member

    Joined:
    Jul 14, 2007
    Posts:
    283
    Location:
    UK
    Update:
    With CLT run as DW untrusted along with EQS and OA, all tests passed and score 340/340.
    With CLT set to OA run Safer, ActiveDesktop test still fails. Score 330/340.

    Note: No response from Mamutu at all.
     
  13. Criss

    Criss Registered Member

    Joined:
    Oct 3, 2008
    Posts:
    186
    anyone tried to test comodo IS with this? what is the result?:D
     
  14. 3xist

    3xist Guest

    Try Firewall>Stealth my ports to EVERYONE.

    100% Pass. Aslong as you are in Proactive Security (One of the 4 Default Configuration options in CIS). The default installation Configuration (Internet Security) should be close to 100%... About 80% or so, I guess people need to test both configurations.
     
  15. hammerman

    hammerman Registered Member

    Joined:
    Jul 14, 2007
    Posts:
    283
    Location:
    UK
    OA : 320/340
    OA Run Safer : 330/340
    Mamutu : 60/340
    DW : 260/340
    EQS : 260/340

    OA + EQS + DW : 340/340
     
  16. rogervernon

    rogervernon Registered Member

    Joined:
    Jul 16, 2006
    Posts:
    289
  17. guest

    guest Guest

    this is not security, this is joke
     
  18. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    Excuse me, but unless your post was a joke, what exactly is a joke to you?
    Every decent AV will flag such tests as malware. And properly if I may say so.
     
  19. guest

    guest Guest

    its true.
    but this dont show us antivir passed test

    if rogervernon believe antivir pass test, this is joke
    i think rogervernon believe.
     
  20. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    Ah, if that was your point, than OK. I was thinking that you reffered that these test should not be flagged at all. My bad.

    But I believe roger was just kidding us...

    Cheers,
     
  21. rogervernon

    rogervernon Registered Member

    Joined:
    Jul 16, 2006
    Posts:
    289
    Not really kidding you!
    Just a comment, that set on high heuristics, my AV flags the tests as suspicious.
    It is then up to the user to decide whether to allow the content or not.
    There is no comment (yet) from me about the results of the tests themselves.
     
  22. Big Apple

    Big Apple Frequent Poster

    Joined:
    Aug 22, 2006
    Posts:
    724
    Did the test with PC Tools Firewall 5.0 Beta and only scored 110 out of 340 and that's really bad and very disappointing!
    Anyone else?

    2nd test: PC Tools firewall OFF and Windows Firewall ON: 110/340 .......o_O?
    3rd test: No Firewall at all ON: 110/340 ........o_O??

    I kind of feel fooled an awful lot! Somebody may explain this to me.
     
    Last edited: Nov 8, 2008
  23. Big Apple

    Big Apple Frequent Poster

    Joined:
    Aug 22, 2006
    Posts:
    724
    This means, that all these programs should be needed to be 100% closed/secure and I would say......it's crazy to have all this installed.
    It amazes me or the test means just nothing?
     
  24. Big Apple

    Big Apple Frequent Poster

    Joined:
    Aug 22, 2006
    Posts:
    724
    Installed Look 'n' stop 2.06 firewall (standard config and blocked "clt.exe" and score: 130/340 !!

    I thought that Look 'n' Stop should be one of the 'better' firewalls?

    So....someone tell me...what's the use having a software firewall installed if they don't make any difference in this score?
    Or am I doing something wrong?
     
  25. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    Big Apple,

    I simply find it hard to put this... without being flamed by Comodo and OA fanboys...
    Look'n'Stop is a way better firewall than both mentioned. It just wasn't designed to pass the leaktests, that's all. Why? Because that's not the purpose of a firewall. You see, OA and Comodo are not firewalls - they are suites with a classical HIPS incorporated in them, that's why they pass the tests. Throwing those leaktests against Look'n'Stop is just an unfair thing to do - it would be the same as to ask from a laundry machine to do your dishes. If you wish Look'n'Stop to pass leaktests, add a HIPS, say RealTimeDefender, to it. Now it can be compared to Comodo in a fair way.

    Cheers,
     
Loading...
Thread Status:
Not open for further replies.