Comodo HIPS and Firewall Leak Test Suite

Discussion in 'ESET Smart Security v4 Beta Forum' started by proactivelover, Mar 6, 2009.

Thread Status:
Not open for further replies.
  1. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    Last edited: Mar 6, 2009
  2. nodyforever

    nodyforever Registered Member

    Joined:
    Oct 30, 2007
    Posts:
    549
    Location:
    PT / Lisbon
    Probablity next version......or not.....
     
  3. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,853
    Are you saying it passed the HIPS test or passed the firewall test and failed HIPS?
     
  4. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    COMODO Leaktests v.1.1.0.3
    Date 5:12:43 AM - 3/7/2009
    OS Windows Vista SP0 build 6000
    1. RootkitInstallation: MissingDriverLoad Vulnerable
    2. RootkitInstallation: LoadAndCallImage Protected
    3. RootkitInstallation: DriverSupersede Protected
    4. RootkitInstallation: ChangeDrvPath Vulnerable
    5. Invasion: Runner Protected
    6. Invasion: RawDisk Vulnerable
    7. Invasion: PhysicalMemory Protected
    8. Invasion: FileDrop Vulnerable
    9. Invasion: DebugControl Protected
    10. Injection: SetWinEventHook Vulnerable
    11. Injection: SetWindowsHookEx Vulnerable
    12. Injection: SetThreadContext Vulnerable
    13. Injection: Services Vulnerable
    14. Injection: ProcessInject Protected
    15. Injection: KnownDlls Vulnerable
    16. Injection: DupHandles Vulnerable
    17. Injection: CreateRemoteThread Protected
    18. Injection: APC dll injection Vulnerable
    19. Injection: AdvancedProcessTermination Vulnerable
    20. InfoSend: ICMP Test Protected
    21. InfoSend: DNS Test Protected
    22. Impersonation: OLE automation Protected
    23. Impersonation: ExplorerAsParent Protected
    24. Impersonation: DDE Protected
    25. Impersonation: Coat Protected
    26. Impersonation: BITS Vulnerable
    27. Hijacking: WinlogonNotify Protected
    28. Hijacking: Userinit Vulnerable
    29. Hijacking: UIHost Protected
    30. Hijacking: SupersedeServiceDll Vulnerable
    31. Hijacking: StartupPrograms Vulnerable
    32. Hijacking: ChangeDebuggerPath Protected
    33. Hijacking: AppinitDlls Vulnerable
    34. Hijacking: ActiveDesktop Vulnerable
    Score 160/340
    (C) COMODO 2008
     
  5. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    You have to remember that running leak test in Vista is not the Same as XP.
    On vista your scores will be higher because of UAC, this will affect the general result of the test and it does not mean it was blocked by ESS.
    I don't believe ESS has HIPS.
     
  6. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Not really.

    Under Windows Vista (UAC enabled), you will be prompted for elevate it's rights. UAC will be no good here. Or you allow it to run (the test) or cancel it.

    If you choose cancel, then, UAC will be 100% effective. If you choose to allow to elevate it's rights, then, UAC will be as good as not having it.

    Let's imagine a real situation, where UAC would prompt an user to allow or cancel some action.
    If the user knows the application, then most likely it is safe to run it (the same way he/she would allow the action, if the alert has been triggered by a HIPS).
    If the users does not know the application, then, will cancel the action, or it would be expected to cancel it.

    So, I'm wondering if, those tests, were provided separetely, if UAC would intercept them all.
     
  7. Nelu

    Nelu Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    17
    Location:
    Berlin,Germany
    I don't understand the results of this test.:I've tested with avira 8+COMODO FIREWALL(comodo being the author of this test) and with Norton Internet Security 2009.The results:With avira+comodo=110 Pct.With NIS=100 Pct....No comments
     
  8. ESS3

    ESS3 Registered Member

    Joined:
    Dec 11, 2007
    Posts:
    112
    ESS4+ Windows Vista SP1 64 bit
    score 260/340
     
Thread Status:
Not open for further replies.