PCT can not pass Parent Injection Leak Test
jzhhh
01-28-2007, 11:45 PM
http://www.personalfirewall.comodo.com/onlinetest.html
I tested it and it cannot pass the tests, and I was worried. It says that only Comodo can pass these three tests. Can you repair the problem in the next version? Thank you! :)
hdavid
01-29-2007, 08:33 AM
There are several leak tests for firewalls (some of them are more Anti-Spyware tests than firewall tests):
1. Substitution: This technique tries to present itself as a trusted application by renaming itself to a commonly known, safe application such as iexplore.exe. As a result, firewalls that do not verify application signatures fail to detect such attempts. (PC tools Firewall Plus passes this test successfully)
2. Launching: With this technique, a program launches a trusted program by modifying its startup parameters such as command line parameters, to access the Internet. This type of penetration bypasses the firewalls that do not apply parent process checking before granting the internet access. (PC tools Firewall Plus passes this test successfully)
3. DLL Injection: Being one of the most commonly used techniques by Trojans, this method tries to load a DLL file into the process space of a trusted application. When a DLL is loaded into a trusted process, it acts as part of that process and consequently gains the same access rights from the firewall as the trusted process itself. Firewalls that do not have an application component monitoring feature fail to detect such attacks (PC tools Firewall Plus does not pass this test successfully – This is more an area of anti-spyware that is properly handled by combining Firewall solution with Anti-Spyware)
4. Process Injection: This technique is the most advanced and difficult-to-detect penetration case, which most personal firewalls still fail to detect although it is used by Trojans in the wild. The attacker program injects its code into the process space of a trusted application and becomes a part of it. No DLL or similar component is loaded, so almost every personal firewall fails to detect this completely (PC tools Firewall Plus does not pass this test successfully – This is more an area of anti-spyware that is properly handled by combining Firewall solution with Anti-Spyware)
5. Windows messages: The Windows operating system provides an inter-process communication mechanism through window handles. By specially creating a window message, a Trojan can manipulate an application's behavior to connect to the Internet (PC tools Firewall Plus does not pass this test successfully – This is more an area of anti-spyware that is properly handled by combining Firewall solution with Anti-Spyware)
NOTE: In future versions PC Tools will combine the Firewall with Spyware Doctor to provide a complete Security Suite which will address all the issues that are not handled by the stand alone firewall.
I hope that this answers your questions.
Best regards, Hanoch
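Added example, not part of the original thread and not PC Tools' code: a Python model of the per-application checks that items 1 to 3 of the post above say a firewall needs (image signature, parent process, loaded components), next to a name-only rule that all three get past. The process records, hashes and rule layout are constructed for illustration; items 4 and 5 are not modelled.

```python
import hashlib
from dataclasses import dataclass, field

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed stand-ins for file contents on disk.
BROWSER = b"constructed: genuine browser image"
SHELL = b"constructed: desktop shell image"
UNKNOWN = b"constructed: unrecognised program image"
BROWSER_DLL = b"constructed: browser component"
FOREIGN_DLL = b"constructed: unrecognised component"

@dataclass
class Proc:
    name: str
    image: bytes
    parent: "Proc | None" = None
    modules: list = field(default_factory=list)

# Outbound rule: expected image hash, approved launchers, known components.
RULES = {"iexplore.exe": {"sha256": digest(BROWSER),
                          "parents": {digest(SHELL)},
                          "modules": {digest(BROWSER_DLL)}}}

def name_only(p: Proc) -> str:
    """Weak rule: trusts whatever carries a known file name."""
    return "allow" if p.name in RULES else "prompt"

def layered(p: Proc) -> str:
    """Checks image hash, then launcher, then every loaded component."""
    rule = RULES.get(p.name)
    if rule is None or digest(p.image) != rule["sha256"]:
        return "prompt: unknown or substituted image"   # item 1
    if p.parent is None or digest(p.parent.image) not in rule["parents"]:
        return "prompt: unapproved launcher"            # item 2
    if any(digest(m) not in rule["modules"] for m in p.modules):
        return "prompt: unknown component"              # item 3
    return "allow"

def samples() -> dict:
    shell, tool = Proc("explorer.exe", SHELL), Proc("tool.exe", UNKNOWN)
    return {"genuine": Proc("iexplore.exe", BROWSER, shell, [BROWSER_DLL]),
            "substitution": Proc("iexplore.exe", UNKNOWN, shell),
            "launching": Proc("iexplore.exe", BROWSER, tool, [BROWSER_DLL]),
            "dll": Proc("iexplore.exe", BROWSER, shell, [BROWSER_DLL, FOREIGN_DLL])}

if __name__ == "__main__":
    for label, proc in samples().items():
        print(f"{label:13} name-only={name_only(proc):6} layered={layered(proc)}")
```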
aintdunnit
01-29-2007, 11:27 AM
NOTE: In future versions PC Tools will combine the Firewall with Spyware Doctor to provide a complete Security Suite which will address all the issues that are not handled by the stand alone firewall.
I hope that this answers your questions.
Best regards, Hanoch
IMO I hate to see this made into a bloated suite, or at least give the option to not have all the extras.
solcroft
01-29-2007, 11:44 AM
IMO I hate to see this made into a bloated suite, or at least give the option to not have all the extras.
Seconded. The firewall is what I've been looking for for quite a while - free and light on system resources. I'm just waiting for the bugs and glitches to be ironed out before I employ it full-time, and personally I wouldn't want to have it turned into a bloated suite after all the wait...
MrFuji
01-29-2007, 11:53 AM
Seconded. The firewall is what I've been looking for for quite a while - free and light on system resources. I'm just waiting for the bugs and glitches to be ironed out before I employ it full-time, and personally I wouldn't want to have it turned into a bloated suite after all the wait...
Yep, exactly.... Spyware Doctor should remain optional!
Simon Clausen
01-29-2007, 12:21 PM
Don't worry; we definitely plan to keep a low-resource standalone version of Firewall without SD or AV. What Hanoch was referring to is that some leak-types really require additional technology, usually found in anti-spyware, such as DLL/process injection prevention and other things which are out of the scope of a dedicated standalone firewall. So if you wanted to optionally prevent them all you would probably need to add some of our other products into the mix -- your choice.
But if you want a solid, standalone, low-resources, non-bloated, task-specific firewall ;) then our standalone firewall is the way to go.
Simon
jzhhh
01-29-2007, 07:57 PM
So what's your point? The DLL/process injection prevention will not be implemented in this firewall, even in subsequent versions?
I already bought other anti-virus, so I have no idea about this.
aintdunnit
01-29-2007, 10:42 PM
So if you wanted to optionally prevent them all you would probably need to add some of our other products into the mix -- your choice.
.
Simon
Glad to hear that it is optional, as I already use a standalone HIPS program with this firewall!
Simon Clausen
01-29-2007, 11:54 PM
So what's your point?
The point is that there will be two options; people that want "just a firewall" can get just that, people that want full anti-malware protection can get the suite. We will support as much protection in the firewall as possible without taking it away from its core task; but we can't do both things -- i.e. we can't add every type of protection possible but also not bloat it. It's kind of like saying I want an SUV that can carry 9 people, but it has to be able to fit in a small car spot (bad analogy, I know).
I would like to think the suite won't be "bloated" either, but I can appreciate the need for a standalone firewall also.
Simon