PCflank test and Comodo

Discussion in 'other firewalls' started by Drew99GT, Sep 23, 2006.

Thread Status:
Not open for further replies.
  1. Drew99GT

    Drew99GT Registered Member

    Joined:
    Jun 27, 2006
    Posts:
    338
    Location:
    Colorado Springs
    I tried the PC Flank leaktest with Comodo. It says it fails BUT my text string does not make it through. o_O
     
  2. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Yeah, that is a bug or poor coding in the pcflankleaktest program, it always says in the gui that the firewall has failed the test even if it hasnt. No need to worry. If your firewall would´ve failed you would see the text on the page you are directed to.
     
  3. Drew99GT

    Drew99GT Registered Member

    Joined:
    Jun 27, 2006
    Posts:
    338
    Location:
    Colorado Springs
    Cool, thanks. One other thing, now whenever I do it again, the previous results show up everytime. How can I use it again and get the new results?
     
  4. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    I would be interested to learn where you have got this info from.



    If the firewall passes the test,.. see pic:
     

    Attached Files:

  5. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    I seem to remember that info was on the Comodo forum. Was not that convinced when I read it.
     
  6. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    From experience I guess. I cant seem to upload of a pic to this forum right now for some reason. But I do get the window from Pcflankleaktest where it states that my firewall has failed the test and then there is a link to the page to see the text it has transmitted. At the same time I do get an alert from my firewall asking if I want to allow PCflankLeaktest.exe to use IEXPLORE.EXE through OLE Automation. I click deny and there is no text on the result page. If I click allow on the FW popup the text is there. I assume the test is only succesful (ie fw failed) only when I can see the transmitted text on the result page? Not when the Pcflanktest software says so?
     
    Last edited: Sep 23, 2006
  7. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,508
    Location:
    Slovakia
    I guess, that this bug in PCFlank test depends on allowed DNS request via IE.
    If DNS is allowed, the test can "ping" its server and it tells, that firewall failed.

    I enabled Aplication Behaviour, started the test, I got popup and Comodo passed.
     
  8. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    I did get similar results from another firewall (beta),.. please try,.. once the test is run,.. and you check the results,.. press the "Back" button and then the "next" button again (on the test) and then refresh the web site result page.
     
  9. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    PC flank Leaktest does not need a DNS lookup,.. the test website IP must be hard coded. (I have re-checked to look for any DNS lookups during the test,.. and there are none.)
     
  10. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    I can't get Comodo to pass this test and my text string DOES make it through. One of the Comodo board ops felt that it could be a conflict with On-line Armor which I also have running.
     
  11. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    With the low level system hooking made by both these programs, I can see that there is a possibility of conflict, and I would not advise that these 2 programs be run together.
     
  12. gavel

    gavel Registered Member

    Joined:
    Aug 24, 2006
    Posts:
    11
    I am accord with that they are DUBIOUS, Comodo not pass PCFlankLeaktest!
     
  13. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    If this test was anywhere but PCFlank I'd take it seriously.
     
  14. Drew99GT

    Drew99GT Registered Member

    Joined:
    Jun 27, 2006
    Posts:
    338
    Location:
    Colorado Springs
    I still can't get results for the latest test I do; it always shows the set of results when I clicked allow on the Comodo pop-up and the string went through. *edit* Just found the problem; if your firewall fails the test, or you allow it to fail like I did, it will save that result for your IP and show it everytime. Kinda lame; what if you take measures to fix the failure (if it actually did fail) and you want to test it again!

    I just looked through some threads at the PC Flank forums and the same thing happens to other people where the test says it failed but the text string doesn't go through. It has happened with other firewalls as well.
     
    Last edited: Sep 23, 2006
  15. gavel

    gavel Registered Member

    Joined:
    Aug 24, 2006
    Posts:
    11
    Until now only firewalls that make it clear, are Tiny Pro and Outpost RC3.
     
  16. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    Stem...Question for ya. I like Comodo. I like Online Armor. I also use
    NOD32. Which program would you get rid of: Comodo or OA?

    OA also has a version that is in beta right now that includes a Firewall.
     
  17. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    One reason why the test may not pass is that comodo may mis-identify third-party processes as belonging to Online Armor - and allow the data out if OA is trusted.

    You could verify this by blocking traffic for Online Armor, and then running the test again. If the test allows traffic depending on Online Armor's allow/block status then it's a fair bet that the process owner identification is broken.
     
  18. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,508
    Location:
    Slovakia
    I mean DNS request sent via IE, but I just blocked it, so that is not it.

    I just tried it again, I got 3 popups: UDP Loopback, DNS Out, TCP Out.
    I had to open second IE window, because opened IE window was blocked.
    In default setup, Comodo Skip UDP loopback, allows Safe aplications like IE.
    I wonder, what primary browser use those, who get info, that they passed it?
     
  19. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    IE uses UDP loopback,.. on my using IE for this test, IE does slow down if the UDP loopback is blocked.
    I dont have Comodo to check this test. I think the problem could be that control of IE via OLE is not being blocked, and that the text string is sent,.. thats why the test shows as leaked,... and that the text string (comms) is being (or attempted to be) intercepted at IE.

    As mentioned by "gavel"... the only 2 I know that appear (to me) to completely sandbox this leaktest. (Tiny Pro and Outpost RC3)
     
  20. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,508
    Location:
    Slovakia
    Well, I just hope, that this bug, whetever it is in PCFlank or in Comodo, will be fixed soon.
    Common user would just notice Failed message and he would not know, that it is a mistake.
     
  21. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    Stem...I was hoping to hear back from you on a question I posed above. You have suggested that running Commodo and On-line Armor simultaneously might be a bad move due to the low level hooks of each application.

    I use NOD 32. Presently I also use On-line Armor (which I love) and Commodo (which appears to be a best in class firewall). If I had to replace one of these applications (Commodo or OA) I don't know which one I would replace.

    Any suggestions?

    PS...The guy that developed OA provides world class customer service. I can't say enough good things about him or his product. And he will soon be releasing a version with a Firewall, though I am not certain if it will stop all the leak tests as Commodo does.
     
  22. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Did you check, as "MikeNash" posted, to see if indeed the problem is at low level hooking,.... or that the process owner identification is broken within Comodo?.
     
  23. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    What I did was re-took the test with On-line Armor completely turned off. I still failed the test. So I believe the issue is possibly with Comodo. The problem is that I don't see othjer Comodo users having this same problem.
     
  24. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Did you block (or remove)the firewall rules that allowed internet access for OA/components?
     
  25. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    I did not. I will do so and report back. Thank you.
     
Loading...
Thread Status:
Not open for further replies.