大家谨慎测试V3!

显示全部楼层 · 发表于 2007-6-8 07:33:27

我和大家一样,等了好几个月的V3了,一看到有马上去下载就装了.....发现其实ALPHA版就只是个模型而已..功能极其不完善
刚装上的时候会发现多好多功能...但是还不能用的,比如说单独加出来的MISCELLENOUS(综合)选项里都还不能使用(除了可以加密码外)
然后再发线防止侵入的地方,端口扫描的数量选项没了.................不知是不是内置了还是忘了???!!!.....
然后就是LEAKTEST...........这是最郁闷的:
我上PCFLANK和各大测试LEAKTEST的工具....用了V3的最好配置...全部失败!!!!!!!!!!!!!!!!!能侦测到,但是选了BLOCK还是出去了!
由此看出....COMODO这次只是为了安慰一下用户急忙出了个ALPHA............
我已经换回2.4的了...等代其他高手测试.....新手不推荐使用!

显示全部楼层 · 发表于 2007-6-8 07:42:52

自己做沙发!!!要补充的是....ALPHA其不完善的地方不只是这些,但以上的那些就够让我先不用了
其实不想泼冷水.....毕竟大家都等了那么久了....但都是为大家计算机安全着想
我们还是等到至少BETA版的时候再用吧,都等了那么久了,就不差那么一点了

显示全部楼层 · 发表于 2007-6-8 08:05:18

COMODO 的文件经过加密，汉化不了。

显示全部楼层 · 发表于 2007-6-8 08:12:51

alpha版是比BETA版还要早的版本，主要看一下功能布局，HIPS可以用

[ 本帖最后由 rushmore 于 2007-6-8 09:38 编辑 ]

显示全部楼层 · 发表于 2007-6-8 08:19:53

其实等了很久，今天终于等到了，很兴奋。可是看起来这个alpha版是不适合我这些菜鸟用的

显示全部楼层 · 发表于 2007-6-8 08:23:25

这个。。。。这个关注中

显示全部楼层 · 发表于 2007-6-8 08:32:06

1. Termination Test:
Process Explorer v10.21: Passed
IceSword v1.20: Passed (but it fails if drivers are loaded)
Rootkit Unhooker v3.31: Passed (but it fails if drivers are loaded)

IF MEMORY ACCESS TO CFP.exe are allowed! Unless it pass all test, I think that Simple Termination test is more representative
Advanced Termination Test:
TerminateProcess kill method - Passed
WM_Close message kill method - Passed ( /background)
WM_Quit message kill method - Failed
SC_Close message kill method - Passed
TerminateThread kill method - Passed
CreateRemoteThread -> ExitProcess - Failed
EndTask kill method - Failed
DebugActiveProcess kill method - Passed
EIP Modification -> ExitProcess - Failed
WinStationTerminateProcess -> Unknown (I don't have Terminal Service)
Injects a dll into the process wich calls ExitProcess - Detected but Failed
Injects Killcode - Failed
ZwTerminateThread - Passed
ZwTerminateProcess - Passed
Crash with VirtualProtectEx - Failed
Crash with WriteProcessMemory - Failed

Simple Termination Test:
Standard process termination - Passed
Terminate process by terminating all its threads - Passed
Terminate process using remote thread - Passed
Terminate process by instruction pointer (IP) modification - Passed
Crash process by resetting memory attributes - Passed
Crash process by rewriting critical process data - Passed
Terminate process as part of a job - Passed
Terminate process using debuger - Passed
Terminate process as a task - Failed (not detected)
Terminate process by sending WM_CLOSE - Failed (not detected, but cfp.exe still exist...)
Terminate process by sending WM_SYSCOMMAND - Failed (not detected, but cfp.exe still exist...)
Terminate process using windows station message - Unknown
Terminate process using DLL injection 1 - Passed
Terminate process using DLL injection 2 - Passed
Simulation of normal process exit - Failed
Terminate process by "bruteforce" message posting - Failed

2. KeyLogger Test:
KeyHook: Passed
Anti-KeyLogger Tester (AKLT):
GetKeyState - Passed
GetAsyncKeyState - Passed
DirectX - Passed
(Screenshot 1 Passed, Screenshot 2 Failed but nobody cares!).

Simple KeyLogger Test:
GetKeyState - Passed
GetAsyncKeyState - Passed
Low Level Keyboard Hook - Passed
Journal Record Hook - Passed

3. Registry Test:
Ghost Registry Tester: Test 1 - Failed / Test 2 - Passed

Scoundrel Simulator:
Change Internet Explorer's Home Page - Passed
Disable Internet Options - Failed
Disable Registry Editor - Failed
Add to Windows Startup - Passed
Add to Windows Startup (Start menu group) - Failed

Spycar:
AlterHostsFile.exe - Passed
HKCU_Run.exe - Passed
HKCU_RunOnce.exe - Passed
HKCU_RunOnceEx.exe - Passed
HKLM_Run.exe - Passed
HKLM_RunOnce.exe - Passed
HKLM_RunOnceEx.exe - Passed
IE-HomePageLock.exe - Passed
IE-KillAdvancedTab.exe - Passed
IE-KillConnectionsTab.exe - Passed
IE-KillContentTab.exe - Passed
IE-KillGeneralTab.exe - Passed
IE-KillPrivacyTab.exe - Passed
IE-KillProgramsTab.exe - Passed
IE-KillSecurityTab.exe - Passed
IE-SetHomePage.exe - Passed
IE-SetSearchPage.exe - Passed

显示全部楼层 · 发表于 2007-6-8 08:32:32

With simple additon of protected registry keys in the GUI, all registry tests could be passed. We have not included a default configuration which provides a maximum defense right now. But in the final release, without any doubt, all will be included.

As I mentioned before, the architecture is designed so that you can simply add registry keys for protection and they will be protected.

We haven't had time to add all the security.. we will in the final version

Melih

显示全部楼层 · 发表于 2007-6-8 08:53:51

原帖由 xemacs 于 2007-6-8 08:32 发表
1. Termination Test:
Process Explorer v10.21: Passed
IceSword v1.20: Passed (but it fails if drivers are loaded)
Rootkit Unhooker v3.31: Passed (but it fails if drivers are loaded)

IF MEMOR ...

强人，都介绍一下你那些测试工具吗？

显示全部楼层 · 发表于 2007-6-8 09:01:08

原帖由 sxingbai 于 2007-6-8 08:53 发表

强人，都介绍一下你那些测试工具吗？

不是我测试的，昨晚等了好久快凌晨1点了尽早八点起床刚刚洗过脸呵呵

不过那些工具很容易在网上下载到的