Antivirus Firewall Software Leak Test - gHacks Tech News

Antivirus Firewall Software Leak Test

How good is your antivirus program or firewall? It is hard to tell as a end user. Sure, you can rely on information provided by test magazines, Internet websites, antivirus and firewall software developers, or opinions from friends and colleagues. All of those recommendations are to a degree based on opinion, and only some on tests that are applicable in the real world.

A good way to perform security tests on antivirus firewall software programs are so called leak tests. These tests simulate different kind of attacks and manipulations on a computer system without actually doing any harm to it. They usually present statistics at the end that tell you which tests the antivirus firewall software program passed and which it failed at.

Comodo HIPS and Firewall Leak Test Suite

antivirus firewall software

Comodo Leaktest is but one of the many available leak tests on the Internet that test your firewall and antivirus solution.

The security software tests a total of 34 different attacks and manipulations of a computer system running the Microsoft Windows operating system when you hit the test button. Depending on the antivirus and firewall software in use some, all or none might spawn alerts.

Note: The nature of the program makes it a target for flagging by antivirus solutions. The program is harmless however, and if your antivirus solution flags the leak test, it is reporting a false positive. Still, if feel unsure about running the program, don't.

The software program displays a score in the end. The maximum amount of points is 340, 10 for each test passed. Each test is explained on a local HTML page that gets downloaded with the software program. Those information can be used to find out why a test has not been passed. It does require some research though as the information provided are only answers to the questions what the test is doing, and what the harm is if the test fails.

The leak test can be divided into different categories. It begins with some rootkits tests followed by invasion, injection, info send, impersonation and hijacking tests.

Verdict

Comodo Leak Test is a portable security software that will test an antivirus firewall software that is installed on a Windows operating system. It provides the means to find out if your computer system is still - partially or fully - vulnerable to common attacks encountered locally and remotely.

Update: The program is not available anymore on the official Comodo website. One reason for this may be that it is no longer in active development. We have uploaded the latest version to our own server from which you may download it.

Since the program gets flagged by some antivirus solution, we have password protected it. The password is ghacks. Download the program with a click on the following link: Comodo Leak Test

Summary
software image
Author Rating
1star1star1star1stargray
no rating based on 0 votes
Software Name
Comodo Leak Test
Operating System
Windows
Software Category
Security

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. kurt said on January 6, 2006 at 4:56 pm
    Reply

    unfortunately the test is probably worthless… with only 10,000 samples they’ve sampled at most about 7% of the virus population, and there’s no way to tell if that sample is representative of the whole virus population (in fact there’s little reason to believe there is such a thing as a ‘representative sample’ in this context)…

    further, the documentation for the test gives no information on how the samples were validated (just because a virus scanner calls something a virus doesn’t mean it really is one)… there’s a great deal of so-called scanner fodder out there that doesn’t actually self-replicate…

    many anti-virus tests are invalid on these two points alone… few people/organizations have the resources to do proper anti-virus testing, and without proper methods the results are suspect at best…

  2. rwkohio said on January 6, 2006 at 5:29 pm
    Reply

    I use AVG Free, NOD32 and Avast! at home (on different PCs) and they all seem to be effective. One nice feature with Avast! is that you can do a boot-time scan, which can help catch some trojans before they get loaded into memory.

  3. Martin said on January 7, 2006 at 11:18 am
    Reply

    I agree with you that the results are not the non plus ultra but they probably help you in your decision which you should use and trust.

  4. kurt said on January 7, 2006 at 10:52 pm
    Reply

    it’s difficult to use the test as a descriminator for which products you can trust and which ones you can’t when all the products had such similar scores… combined with the question of how many of the samples really were viruses, it’s impossible to tell which one really had the best score and by what margin did others really fall short…

  5. sensibleguy said on December 27, 2007 at 1:03 pm
    Reply

    actually we cant trust any antivirus software because viruses are getting into pc still when an antivirus software is still installed.

  6. abv said on March 10, 2009 at 6:16 pm
    Reply

    everybody knows this list http://www.matousec.com/projects/firewall-challenge/results.php
    for testing firewalls
    and VBulletin tests for testing antivirus

    Comodo Leaktest – this product was create for promoting Comodo products i think

  7. Rarst said on March 10, 2009 at 6:58 pm
    Reply

    @abv

    And how does reason for creating product matters if it gets job done? If other firewall has hole this hole doesn’t get smaller from being tested with product created to promote Comodo. :)

  8. Digital Ruse said on March 10, 2009 at 9:10 pm
    Reply

    I just ran it on machines with Kaspersky, NOD32, and NIS2009. None of them broke a score of 200, which I find hard to believe.

    1. Martin said on March 10, 2009 at 10:04 pm
      Reply

      A test on a Windows XP SP3 test system with Kaspersky 2009 running scored 290 of 340 points.

  9. David Bradley said on March 10, 2009 at 11:07 pm
    Reply

    AVG antivirus flagged the two dll files associated with this download as malware. BITS.dll it said is a key logger and DNS.dll is a Trojan…any thoughts? False positives?

    1. Martin said on March 11, 2009 at 12:44 am
      Reply

      David to test they need to emulate attacks which is the most likely reason for the scan results.

  10. rmb said on March 10, 2009 at 11:37 pm
    Reply

    wow, scored only 150 with windows 7 and antivir XD
    disabled UAC probably is a true problem…

    LOL, my netbook with XP SP3 and Antivir scored 0 XD

    fortunately, the most time I use Linux :P

  11. Dany said on March 11, 2009 at 1:44 am
    Reply

    Score of 20 on XP whit McAfee VirusScan Plus + Comodo BOClean and COMODO Memory Firewall.

    Also my friend whit McAfee scored also 20.

    Can someone else reproduce this issue.

  12. Unit1 said on March 11, 2009 at 4:31 am
    Reply

    I just ran the test on vista32 with nod smart security 4 and only got 110 and seeing that it failed its own product from post above COMODO Memory Firewall. I do not think that all of our setup’s can be that bad? it might be just a bad program for testing

  13. Dante said on March 11, 2009 at 6:13 am
    Reply

    To “abv” yeah, everybody knows that. But people like me keeps forgetting things. And once in a while, an article like this gets me off my rear end and run a test.

  14. Dante said on March 11, 2009 at 6:18 am
    Reply

    LOL. I tried to download this and use it as part of my intrusion kit. But my Avira and McAfee virus scans promptly picked it up. This will be useless for intrusion purposes :(

  15. Jojo said on March 11, 2009 at 8:29 am
    Reply

    I only get 4 tests shown when I start up the .exe file. And I passed 2 and failed 2.

    Where are the rest of the tests mentioned (34)?

    And there is a total lack of documentation or explanation about what to do with whatever results you achieve.

    Not impressed Comodo!

    COMODO Leaktests v.1.1.0.3
    Date 11:16:25 PM – 3/10/2009

    OS Windows XP SP3 build 2600

    1. Injection: APC dll injection Vulnerable
    2. Injection: AdvancedProcessTermination Vulnerable
    3. Hijacking: AppinitDlls Protected
    4. Hijacking: ActiveDesktop Protected

    Score 20/40

  16. watzabatza said on March 11, 2009 at 10:34 am
    Reply

    I’ve got ESET anti virus.. a good anti virus I’ve ever tested… Many anti virus cannot detect some viruses that are hiding on files. But ESET can locate it. How about you guys?

  17. David Bradley said on March 11, 2009 at 10:57 am
    Reply

    It did occur to me that might be the case, but how could anyone know for sure, they might have been infected and if we assume they’re dummy test viruses and get ravaged by something malicious who do we sue?

  18. Lorissa said on March 11, 2009 at 12:27 pm
    Reply

    @ abv –

    “Everybody”? What a ridiculously stupid statement! Few people in the World actually know how to even turn a computer on, much less about security.

  19. Lorissa said on March 11, 2009 at 12:40 pm
    Reply

    And, of course this test was created to promote Comodo products … duh. It doesn’t take a mental giant to figure out that one.

    Most likely, even Martin will receive something of value for publishing this article here. So what?

    Companies (as well as most people in general) rarely do anything that costs money to produce or create without having a marketing benefit and goal in mind.

    1. Martin said on March 11, 2009 at 12:54 pm
      Reply

      The value that I received were the comments of my visitors :)

  20. rickxs said on March 12, 2009 at 1:36 am
    Reply

    hmmm 90 out of 340

  21. Jojo said on March 12, 2009 at 6:24 am
    Reply

    So everyone else is seeing 34 tests? No one else is seeing only 4 tests like I am?

  22. Anonymous said on March 18, 2009 at 11:03 pm
    Reply

    If you have Spyware Terminator, it’ll block the DLLs. Therefore, only 4 tests will be available. See the block actions and move the DLLs to the White List.

  23. Jojo said on March 19, 2009 at 12:07 am
    Reply

    I don’t use Spyware Terminator. But I do have a host of other security programs running including Spyware Search & Destroy, Spyware Blaster, Comodo’s own firewall, Secunia, etc.

    I guess it is good then that something is successfully blocking attempts to insert DLL’s.

  24. Prateek said on March 28, 2009 at 7:18 pm
    Reply

    actually you will get full 340 marks if you have a behaviour analysis program. You should block all the requests and you will get full marks. i tried with threatfire, comodo internet security and system protect and got 340 marks in all of them.

  25. Foysol said on April 10, 2009 at 12:23 pm
    Reply

    Plz give me this softwear

  26. Basical said on August 22, 2009 at 1:25 pm
    Reply

    I tested OSSS (Online Solutions Security suite) – new firewall and HIPS, it’s great — 340/340!!!
    Thanks for the tests!

  27. Dysprositos said on January 8, 2010 at 6:14 am
    Reply

    Ha wow BitDefender 2010 blocked it right away when I tried to download it. Was blocked because it said the download was trojan.generic.2478252

  28. hussain said on March 13, 2010 at 2:16 pm
    Reply

    the best security for your PC is : ESET Smart Security 4, ZoneAlarm Extreme Security, Norton 360(version 4) and BitDefender total security 2010. this is the best software you can use ever.

    Note: DONT use the loser Kaspersky because it’s very weak it missed 81 virus on my PC and Norton 360 Removed them all with out UpDate.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.