Comodo Leaktest

Discussion in 'other security issues & news' started by Ranget, Oct 20, 2011.

Thread Status:
Not open for further replies.
  1. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    Test Methodology :
    Comodo Leaktest V1.1.0.3
    Test machine OS XP Sp3 x86 unpatched
    every security software Got tested individually by it self with no other software
    Windows Firewall is On by default not if got disabled by the security suite
    Testing done in VMware v8

    Testing took about two days without getting enough sleep
    i would have tested more but My internet connection a bit slow to download
    various security suits

    anyway
    Code:
    Score 	Program	Note
    20/340	Nod32 smart security v5.0.94.0	
    T	kaspersky internet security	terminated the excution
    200/340	kaspersky internet security  (safe Run)	Run in kaspersky sandbox
    10/340	Xp Sp3 no security  x86	
    T	zemana antilogger 	terminated the excution
    10/340	winpatrol Free	
    T	Threat fire  free	terminated the excution
    270/340	spyshelter Free	very depending on user decision 
    20/340	snoopfree	
    180/340	sandboxie free default settings 	
    20/330	Returnil  2011 Trial    Virtual Mode Off	detected a dll wich made the test from 330 not from 340
    50/330	Returnil  2011 Trial    Virtual Mode On	
    70/340	Samurau Hips v2.7	
    340/340	Online armor Free	very depending on user decision 
    340/340	Online armor Free  ( Run safe )	
    310/340	Malware defender (Normal Mode)	default rules  + very depending on user decision 
    10/340	Malware defender (Learning  Mode)	
    290/340	Malware defender (Silent Mode)	
    70/340	Storm shield   	activated realtime protection 
    30/340	Geswall 2.9.1	default rules 
    170/340	Geswall 2.9.1   (isolated Program)	
    10/340	Kingsoft pc doctor 2.8.1.41	
    90/340	xyvos antivirus 1.5.0.0	
    20/340	avast Free antivirus v6	
    20/340	avast Pro antivirus v6 trial 	
    160/340	avast Pro antivirus v6 trial  SandBox	
    20/340	avast Internet security 6 Trial 	
    160/340	avast Internet security 6 Trial  SandBox	
    70/340	avira Free Antivirus 2012	
    70/340	avira Internet security 2012 Trial 	
    30/340	Lavasoft Adaware free	
    30/330	Spyware terminator 2012 Free 	
    20/340	spybot s&d   2 beta 4	
    50/340	Clamwin 0.95.2	
    20/340	Defense Wall default 	
    310/340  Defense Wall Run as Untrusted 
    330/340  Defense Wall + Firewall Run as Untrusted 
    20/340	Iobit Malware Figther free 	
    40/340	MBAM 1.51.2.300	
    20/340	Exe Radar trail 1.3.4.0	
    10/340	Ashampoo AntiMalware	
    10/340	Superantispyware Trial v5.0.11311	
    30/340	Panda Cloud Pro 	
    70/340	Dr WEB Space pro v6 with firewall 	very depending on user decision 
    110/340	Dr WEB Space pro v6 with firewall 	enabled the etended Protection from settings + Very depending on user 
    T	k7 Ultimate security default	completed half of the test then exterminated the process
    320/340	Comodo Firewall Default 	installed with Proactive protection 
    320/340	Comodo Firewall  Defense + paranoid Mode	
    310/340	Comodo Firewall   Sandboxed as Partilly Limted 	Defense + as safemode 
    310/340	Comodo Firewall   Sandboxed as Limted 	Defense + as safemode   + some Popup interaction 
    320/340	Comodo Firewall   Sandboxed as Restricted 	Defense + as safemode   +some popup interaction 
    330/340	Comodo Firewall   Sandboxed as untrusted  	Defense + as safemode   +some popup interaction 
    330/340	Comodo Firewall   Sandboxed as untrusted  	Defense + as Paranoid    +some popup interaction 
    130/340	MaMutu v3.0.0.19	Default  
    140/340	Mamutu v3.0.0.19	Paranoid mode
    140/340	maMutu v3.0.0.19	Paranoid mode + Alret reduction 
    150/340	maMutu v3.0.0.19	Alretreduction Only
    140/340	Mamutu v3.0.0.19	Edit rules to monitor everything and Block all behavior for the clt.exe
    10/340    Microsoft Security essentials 2.1.1116.0  
    20/340    Preventon 5.0.32 Free antivirus 
    340/340  Outpost security suite Full Protection Expret settings version 7.1.1    Extremely naggy 
    90/340    Fortknox personal edition 7.0.505.0
    140/340  Bufferzone Pro (Default settings)
    20/340    Private Firewall 7 (Default settings)
    280/340  Jetico Firewall v2 (default Settings ) Extremly naggy 
    40/340    Filseclab Personal Firewall (default settings )
    30/340    ashampo firewall 1.20 free
    20/340    Rising personal Firewall 23.00.24.24
    40/340    Sunbelt personal Firewall v4 (default settings)
    30/340    zonealarm Firewall 9.2.106.000
    T           Twister antivirus v7 (terminated the Process) 
    
    
    this the Final Xls File
    http://www.multiupload.com/0DBOCI177E

    View Online
    http://www.viewdocsonline.com/document/nw2eq9

    anyway Ranget Hips certification system :)

    Gold Certificate : OA Free, Outpost security suite , Malware Defender ,Spyshelter Free, Comodo , Defensewall+firewall
    :thumb: :thumb:
    Silver Certificate :Kaspersky IS 2012 , threatFire , k7 , sandboxie ,Jetico free firewall , Defencewall
    :thumb:
    Bronze Certificate : Dr web space pro , Avira internet security 2012,AVira antivirus free 2012
    :doubt:

    anyway why you should care try it your self it's pretty fun ;)

    just for your information this CLT Test isn't 100% accurate somtimes it gave me false result like really Low result when i re tested i got a higher one
    so i done testings more than one time for suspicious results
    Note: I don't think this is a fair testing for security software you should relay on other review for deciding

    anyway if you want more information try it your self :thumb:

    gonna do more fun testing and post results
    and Plz don't flame me if i did anything wrong
     
    Last edited: Oct 23, 2011
  2. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Hi, good to see you making use of the tests :thumb:

    The http://www.viewdocsonline.com/document/nw2eq9 www requires TONS of Scripting & Requests & SWF :thumbd:

    Could you just post the results in here instead :thumb: If you like you can upload them here as .TXT or .DOC files. If the results have screenies, then just upload them here with the text etc = Much better for all :) :thumb:

    TIA
     
  3. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    edited added Code box with the scores in it


    Please give me some feedback did you like the test etc.....

    i'm going to make some more test in the future
     
  4. Gobbler

    Gobbler Registered Member

    Joined:
    Jul 30, 2010
    Posts:
    270
    Something is seriously wrong with your testing of DefenseWall, did you run the CLT as untrusted?Which edition had you used for the test (HIPS/Firewall)?
     
  5. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    online armor :thumb:

    Defensewall :eek:

    Man you've really destroyed some reputations there. Be interesting to see if others find same results on their installed setups.
     
  6. Rampastein

    Rampastein Registered Member

    Joined:
    Oct 16, 2009
    Posts:
    290
    Interesting test, although while you've changed settings for some programs (Comodo and Mamutu for example), many others are tested with just default settings although you could edit how the HIPS works.

    Another thing is that while (AFAIK) many sandboxing programs would prevent CLT's tests from affecting the real system, CLT sees them as failures and as such products tested with sandboxing likely get lower results.
     
  7. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    My score: 220/340 >>> LnS FW - SBiE - SpyShelter
     
  8. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Just downloaded and tested the latest CLT build. The results are standard- 330 of 340. This guy definitely didn't download the test tool with their browser untrusted.
     
  9. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    @Ranget
    Test DefenseWall again if you can,
    this time make sure the test is run as "untrusted"
    (you must have ran the test as trusted the first time)
    I've tested DefenseWall with this and got "330/340"
     
  10. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    I downloaded DefenseWall Hips and tried it unskilled as a beginner user and scored 310/340. Less than LoneWolf & Mr Rabinovich but damn good never the less.

    Looks like I've got to consider a change to Online Armor or DefenseWall (i dislike the comodo panel).
     
  11. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    AaLF,
    I ran the test on Xp Home, what OS are you using?
    Just wondering if the OS might have something to do with the mixed results.
     
  12. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    XP sp3 & LnS SBiE & DefenseWall Hips(trial)

    I did the test again a few times & consistently scored 320.

    Failed:
    impersonation / coat
    invasion / filedrop
     
  13. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Sp3 here also,
    Curious, are you trialing DW HIPS+FW or DW HIPS?
    Filedrop was the one that failed here with DW HIPS+FW.
     
  14. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Tested CLT.exe whilst connected to the Internet, but all the time with ShadowDefender active ;)

    clt.gif

    My score was 200/340 !

    ProcessGuard blocked these attempts :thumb:

    pg.gif

    Zemana also blocked quite a number of things :thumb: but i didn't take screenies. ZoneAlarm Free, old version :p blocked ALL outbound attempts :thumb: due to my setting it to Prompt for such events.

    I'm not sure how vulnerable i would be to real Malware without SD with that score ? but with it i feel Very safe :)
     
  15. Gobbler

    Gobbler Registered Member

    Joined:
    Jul 30, 2010
    Posts:
    270
    If you use the Firewall edition, you are going to get a score of 330, the one supposed "fail" which is the filedrop test is not actually a failure in this particular case of because of how DefenseWall works.The filedrop test simply drops a file to the system32 folder and because DefenseWall treats everything which is parented by an untrusted process untrusted, in this case the CLT the dropped file will be treated untrusted and will not be able to modify anything.So, the test is virtually 340/340.
     
  16. tomazyk

    tomazyk Guest

    I've got 320/340 with Malware Defender and Sandboxie. In MD rules I have Trusted network rule disabled. Results are good. :thumb:

    EDIT:
    failed - Impersonation: BITS and RootkitInstallation: ChangeDrvPath
     
  17. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    Re did the test for Defnsewall as untrusted

    310/340

    as For my current setup 270/340
     
    Last edited: Oct 22, 2011
  18. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Ultra interesting!!
    Nice quick comparison and even with different setting!! Like it :thumb: :thumb:
     
  19. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Ah proceesguard,Loved it and miss it..I wish some one would resurrect the dead
     
  20. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Sorry, but it had to be 330/340.
     
  21. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    One minor typo (should be trial, not trail), but good job nonetheless.
     
  22. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    thanks for the comment and the correction sorry English isn't my first language

    as for the defence wall test Run as untrusted i double checked the same
    Result

    [​IMG]

    did more tests
    Code:
    10/340       Microsoft Security essentials 2.1.1116.0  
    20/340       Preventon 5.0.32 Free antivirus 
    340/340     Outpost security suite Full Protection Expret settings version 7.1.1    Extremely naggy 
    90/340       Fortknox personal edition 7.0.505.0
    140/340     Bufferzone Pro (Default settings)
    20/340      Private Firewall 7 (Default settings)
    280/340    Jetico Firewall v2 (default Settings ) Extremly naggy 
    40/340      Filseclab Personal Firewall (default settings )
    30/340      ashampo firewall 1.20 free
    20/340      Rising personal Firewall 23.00.24.24
    40/340      Sunbelt personal Firewall v4 (default settings)
    30/340      zonealarm Firewall 9.2.106.000
    T              Twister antivirus v7 (terminated the Process)   
     
    Last edited: Oct 22, 2011
  23. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    If you are testing DW HIPS try the test with DW HIPS + FW.
     
  24. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    yup that was the problem the firewall
    because actully Defensewall firewall is better than Microsoft of course

    any way defencewall is :thumb: product
     
  25. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    That's strange. At my computer, "Coat" is covered. Maybe, a kind of interferrention with another security program?
     
Loading...
Thread Status:
Not open for further replies.