Security-problem with Comodo´s firewall & Defence+ !

Security-problem with Comodo´s firewall & Defence+ !

hi !

there seems to be a really BIG Security-problem with Comodo´s Firewall & Defence+.

last night i when running Comodo´s Leak-Test (CLT) i discovered that it´s NOT working as it should & as it used to do.
i only got 180 / 340 points !

OMG...:shock:

a complete disaster, although a-squared (now EAM) did a good job,
and detected 5 suspected activities that Comodo missed.

last time i checked with CLT i got 340/340, so there must be some problems.

last night i spent an hour checking all my settings & trying to improve the security, but nothing i did helped.
i´ve been working a few hours now, trying everything possible, but it´s still 180/340.

so if you are using Comodo´s Firewall & Defence+, the latest version 4.0.141842.828 from 12 April 2010, then i strongly suggest that you run CLT and check your own results !

i´m using Online Armor FREE now and i got 330/340 when running CLT.

i previously used W7-beta, W7-RC & W7-Professional, when i tested Comodo with CLT.
now i´m running W7-Enterprise 32-bit, but i also have both Vista & Windows Server 2008 installed, so i´m going to install Comodo on those 2 O/S´s just to verify that it isn´t W7-Enterprise that is acting weird.

Wow! Coming from a "devout" Comodo fan, this is something.

well, if Comodo doesn´t provide the security, then it´s time to switch to something else....

i just checked my old emails, i seem to have licenses for both Online Armor Premium &
Online Armor ++.

OA++ = OA-premium & a-squared.

hmmm....

I wonder what changed with Comodo? I am a new users of comodo so I have no point of reference. I may try the OA though. I was figuring out how to use Comodo though This could become a very time consuming experience chasing the holy grail of firewalls. I can already see OA or any other vendor making what ever mistake Comodo made and then jumping vendor to vendor.

TY hackerman1 for the great post...

I see they are also testing a beta system for the 64 bit windows7 users... will wait for the outcome...

polarbear said:

TY hackerman1 for the great post...

I see they are also testing a beta system for the 64 bit windows7 users... will wait for the outcome...

Click to expand...

Are you referring to Comodo?

After fiddling with the settings after my outcome kept getting 220 i now get 340 with Comodo.

...Keep failing COAT. :|

Nem said:

After fiddling with the settings after my outcome kept getting 220 i now get 340 with Comodo.

...Keep failing COAT. :|

Click to expand...

Care to share what settings you fiddled with? For me this is a learning experience of the various software firewalls out there and how well they do what they claim.

Yeah sure no prob.

Firewall:
Safe Mode
Everything under advance tab in "Firewall Behavior Settings" checked
Stealth Ports set to "Block All Incoming Connections..."
------------------------------------------------------

Defense+
Safe Mode
On Common Tasks Tab -> "My Protected Files" i added the Executables File Group.
SandBox Default Settings.

Advance Tab -> Image Exeution Control Settings.. is on Normal, Detect Shellcode Injections.. Checked
Everything else Default.

Oh and my config is set to Proactive Security.

Comodo have too many bad practices for me to ever use them again. It's a shame as some of their products are good.

Online Armor is an excellent alternative.

With CIS4.x, you must keep in mind the sandbox portion of this suite will create a virtual registry, letting your software think it is writing to the real one (which is, btw, also protected by D+).
CLT has issues with this new software in that it does not recognize the sandbox and therefore cannot deal with it to show you how secure you really are.

Explains how i got 210 with it in the Sandbox and 330 out of it... I guess, right?

finally some good news, after having had enough of Online Armor blocking my soundcard, i decided to reinstall Comodo.

guess what ?
now everything is back to normal....:huh:
after running a new test with CLT it´s 340/340 !

but now the BIG question remains: how the he*l could Comodo suddenly stop working ???

After getting 330 and now getting 220 yet again.. is really odd considering i haven't touched nothing. This is wack...

EDIT: So obviously sandbox is messing with it no matter what so i just disabled it.
Got:

The Comodo leak test doesn't make sense to me. Since its made my Comodo, their product will obviously score 100% marks.

what other leak / firewall tests are there ?

seag33k said:

polarbear said:

TY hackerman1 for the great post...

I see they are also testing a beta system for the 64 bit windows7 users... will wait for the outcome...

Click to expand...

Are you referring to Comodo?

Click to expand...

Armor FREE for Windows7 64 bit... GL

hackerman1 said:

what other leak / firewall tests are there ?

Click to expand...

Why do you even need to test your firewall? If a bad packet is blocked, your firewall is working. If its allowed, your browser, anti virus software, etc. will still prevent you from getting infected.

For me, the leak tests or any firewall test are a good way to learn how the software works and to adjust settings.

Dinesh said:

hackerman1 said:

what other leak / firewall tests are there ?

Click to expand...

Why do you even need to test your firewall? If a bad packet is blocked, your firewall is working. If its allowed, your browser, anti virus software, etc. will still prevent you from getting infected.

Click to expand...

leaktests check for leaks on OUTGOING connections.

it´s not about getting infected, it´s about not letting unauthorized software connect to internet.

fx. stopping a spyware from "calling home"...