Sign in to follow this  
bocl

Mamutu scores 80 from 340 on Comodo Leak Test

Recommended Posts

Hi Lynx,

Thank you for the test link submited (COMODO leak test)!

xp sp3 +Mamutu+kerio 2.15 ----> Score 80/340

COMODO Leaktests v.1.1.0.3

Date 9:42:31 AM - 10/31/2010

OS Windows XP SP3 build 2600

1. RootkitInstallation: MissingDriverLoad Vulnerable

2. RootkitInstallation: LoadAndCallImage Vulnerable

3. RootkitInstallation: DriverSupersede Vulnerable

4. RootkitInstallation: ChangeDrvPath Vulnerable

5. Invasion: Runner Vulnerable

6. Invasion: RawDisk Protected

7. Invasion: PhysicalMemory Vulnerable

8. Invasion: FileDrop Vulnerable

9. Invasion: DebugControl Vulnerable

10. Injection: SetWinEventHook Vulnerable

11. Injection: SetWindowsHookEx Vulnerable

12. Injection: SetThreadContext Vulnerable

13. Injection: Services Vulnerable

14. Injection: ProcessInject Protected

15. Injection: KnownDlls Vulnerable

16. Injection: DupHandles Protected

17. Injection: CreateRemoteThread Protected

18. Injection: APC dll injection Vulnerable

19. Injection: AdvancedProcessTermination Protected

20. InfoSend: ICMP Test Protected

21. InfoSend: DNS Test Protected

22. Impersonation: OLE automation Vulnerable

23. Impersonation: ExplorerAsParent Vulnerable

24. Impersonation: DDE Vulnerable

25. Impersonation: Coat Vulnerable

26. Impersonation: BITS Vulnerable

27. Hijacking: WinlogonNotify Vulnerable

28. Hijacking: Userinit Protected

29. Hijacking: UIHost Vulnerable

30. Hijacking: SupersedeServiceDll Vulnerable

31. Hijacking: StartupPrograms Vulnerable

32. Hijacking: ChangeDebuggerPath Vulnerable

33. Hijacking: AppinitDlls Vulnerable

34. Hijacking: ActiveDesktop Vulnerable

Score 80/340

XP3 sp3+ Malware Defender +Kerio 2.15 ------>Score 300/340

COMODO Leaktests v.1.1.0.3

Date 9:36:59 AM - 10/31/2010

OS Windows XP SP3 build 2600

1. RootkitInstallation: MissingDriverLoad Protected

2. RootkitInstallation: LoadAndCallImage Protected

3. RootkitInstallation: DriverSupersede Protected

4. RootkitInstallation: ChangeDrvPath Protected

5. Invasion: Runner Protected

6. Invasion: RawDisk Vulnerable

7. Invasion: PhysicalMemory Protected

8. Invasion: FileDrop Protected

9. Invasion: DebugControl Protected

10. Injection: SetWinEventHook Protected

11. Injection: SetWindowsHookEx Protected

12. Injection: SetThreadContext Protected

13. Injection: Services Protected

14. Injection: ProcessInject Protected

15. Injection: KnownDlls Protected

16. Injection: DupHandles Protected

17. Injection: CreateRemoteThread Protected

18. Injection: APC dll injection Protected

19. Injection: AdvancedProcessTermination Protected

20. InfoSend: ICMP Test Protected

21. InfoSend: DNS Test Protected

22. Impersonation: OLE automation Protected

23. Impersonation: ExplorerAsParent Protected

24. Impersonation: DDE Protected

25. Impersonation: Coat Vulnerable

26. Impersonation: BITS Vulnerable

27. Hijacking: WinlogonNotify Protected

28. Hijacking: Userinit Protected

29. Hijacking: UIHost Protected

30. Hijacking: SupersedeServiceDll Protected

31. Hijacking: StartupPrograms Protected

32. Hijacking: ChangeDebuggerPath Protected

33. Hijacking: AppinitDlls Protected

34. Hijacking: ActiveDesktop Vulnerable

Score 300/340

I have to say that I am verry dissapointed !

Thanks,

Claudiu

Share this post


Link to post
Share on other sites

Hi Lynx, Thank you for the test link submited (COMODO leak test)!

Hi Claudiu,

I never "submitted" neither any Comodo leak tests, not links :blink: I have no idea what are you talking about

Testing Mamutu or alike with that (firewall test) is useless anyway

My regards

Share this post


Link to post
Share on other sites

Hi Claudiu,

I never "submitted" neither any Comodo leak tests, not links :blink: I have no idea what are you talking about

Testing Mamutu or alike with that (firewall test) is useless anyway

My regards

Hi Lynx,

I received an email from Ray (I tought it was you, sorry) pointing to ComodaLeakTest.

So, let me get this straight:

Zemana tests [..]are completely inappropriately written tests

The Ardamax request here is pretty much redundant...

Testing Mamutu or alike with that (firewall test) is useless anyway...

It seems like nothing is good enaugh / appropriate to test Mamutu and we simply have to believe that Mamutu works as described...

Once again , which test do you thing is appropriate to prove that indeed Mamutu can detect ALL of the items mentioned in its setting?

Thank you,

Claudiu

Share this post


Link to post
Share on other sites
I received an email from Ray (I tought it was you, sorry) pointing to ComodaLeakTest...

Sure, thanks, because I was "shocked"

The Ardamax request here is pretty much redundant...
the redundancy was mentioned only due to already existing request of yours & only developers can add to that as it was written
Testing Mamutu or alike with that (firewall test) is useless
Yes
which test do you thing is appropriate to prove that indeed Mamutu can detect ALL of the items mentioned in its setting?
have you ran at least few pointed?

As for the classification of "ALL of the items mentioned" I personally don't know the existence of such comprehensive test that will categorize every & each item listed. The thing I know - that must be real malware tested & only developers can tell/reveal the details of such test

That's enough for me that all tests I performed are working; I do have all alerts (except two mentioned); I've seen the alerts triggered because of real malware as well.

My regards

Share this post


Link to post
Share on other sites

Mamutu is not a firewall. However, Online Armor is. Give that a whirl, and see how it scores ;)

In any case, Mamutu is a behavior blocker. This means that "potentially" malicious actions are alerted. Malware Defender is a Host Intrusion Prevention System, which means all specified changes to the system are alerted.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.