Comodo HIPS and Firewall Leak Test Suite

http://www.personalfirewall.comodo.com/onlinetest.html
Eset Smart Security v4.0.314.0(firewall is in Interactive mode) score 120/340
now eset have to tell what HIPS they introduce in v4

 

Probablity next version......or not.....

 

Are you saying it passed the HIPS test or passed the firewall test and failed HIPS?

 

COMODO Leaktests v.1.1.0.3
Date 5:12:43 AM - 3/7/2009
OS Windows Vista SP0 build 6000
1. RootkitInstallation: MissingDriverLoad Vulnerable
2. RootkitInstallation: LoadAndCallImage Protected
3. RootkitInstallation: DriverSupersede Protected
4. RootkitInstallation: ChangeDrvPath Vulnerable
5. Invasion: Runner Protected
6. Invasion: RawDisk Vulnerable
7. Invasion: PhysicalMemory Protected
8. Invasion: FileDrop Vulnerable
9. Invasion: DebugControl Protected
10. Injection: SetWinEventHook Vulnerable
11. Injection: SetWindowsHookEx Vulnerable
12. Injection: SetThreadContext Vulnerable
13. Injection: Services Vulnerable
14. Injection: ProcessInject Protected
15. Injection: KnownDlls Vulnerable
16. Injection: DupHandles Vulnerable
17. Injection: CreateRemoteThread Protected
18. Injection: APC dll injection Vulnerable
19. Injection: AdvancedProcessTermination Vulnerable
20. InfoSend: ICMP Test Protected
21. InfoSend: DNS Test Protected
22. Impersonation: OLE automation Protected
23. Impersonation: ExplorerAsParent Protected
24. Impersonation: DDE Protected
25. Impersonation: Coat Protected
26. Impersonation: BITS Vulnerable
27. Hijacking: WinlogonNotify Protected
28. Hijacking: Userinit Vulnerable
29. Hijacking: UIHost Protected
30. Hijacking: SupersedeServiceDll Vulnerable
31. Hijacking: StartupPrograms Vulnerable
32. Hijacking: ChangeDebuggerPath Protected
33. Hijacking: AppinitDlls Vulnerable
34. Hijacking: ActiveDesktop Vulnerable
Score 160/340
(C) COMODO 2008

 

You have to remember that running leak test in Vista is not the Same as XP.
On vista your scores will be higher because of UAC, this will affect the general result of the test and it does not mean it was blocked by ESS.
I don't believe ESS has HIPS.

 

Not really.

Under Windows Vista (UAC enabled), you will be prompted for elevate it's rights. UAC will be no good here. Or you allow it to run (the test) or cancel it.

If you choose cancel, then, UAC will be 100% effective. If you choose to allow to elevate it's rights, then, UAC will be as good as not having it.

Let's imagine a real situation, where UAC would prompt an user to allow or cancel some action.
If the user knows the application, then most likely it is safe to run it (the same way he/she would allow the action, if the alert has been triggered by a HIPS).
If the users does not know the application, then, will cancel the action, or it would be expected to cancel it.

So, I'm wondering if, those tests, were provided separetely, if UAC would intercept them all.

 

I don't understand the results of this test.:I've tested with avira 8+COMODO FIREWALL(comodo being the author of this test) and with Norton Internet Security 2009.The results:With avira+comodo=110 Pct.With NIS=100 Pct....No comments

 

ESS4+ Windows Vista SP1 64 bit
score 260/340