At least one other member around here has said it does not make sense to leak test HIPS. I agree with this statement and would like to expand it. Leak tests originated as a means to detect communication by malware by using programs that were otherwise authorized to make outbound internet connections. It originated as apost infection measure, when all else had failed. Comodo 2.4 is a good exampleof this approach. HIPS are supposed to prevent the installation of malware. Assuming you do not give permission to some Trojan laden screen saver or weather bug, your system should remain clean. I would have to say any HIPS that does not block every leak test is broken, not simply outsmarted by the latest thing. Its possible to intentionally allow the leak test to install and see if the HIPS blocks it by secondary means. I think this makes no sense, but others may disagree. One could say you need both. The HIPS to block drive by infections and the leak proof firewall to take care of the mistake of running Trojan applets. My view on this is if you are smart enough to respond to all the prompts this setup will give you, you will not make such a mistake in the first place. In other words, its useless duplication. This brings me to the next question which is why bother with HIPS that monitor all sorts of stuff when something like Anti Executable will prevent any new malware from running, and has the added benefit of being able to do a baseline scan so it keeps quiet. Actually, Comodo 3 and just about any HIPS could benefit from a baseline scan and the assumption that anything thus white listed may be started by a variety of other white listed programs, especially explorer.exe.