Sandboxie vs bufferzone vs Gswall vs powershadow vs etc ........

which is best for virtual software for tight security..........

please share your reviews........

i used bufferzone before but dont like it much
and sandboxie too


please tell how to set sandboxie with your firewall too.......
because bufferzone dont need to connect.........internet wonder why sandboxie......

please give both types

booted virtulation (powershadow, vmwire)and non booted ones(sandboxie, bufferzone)

I used GeSWall but have now moved to SandboxIE. Same kind of concept, virtual sandbox, but one being policy based. I don't have SandboxIE asking for permission to connect anywhere, maybe your seeing it being redirected through your browser's connection. SandboxIE if you configured it correct is easy and safe. Geswall is set and forget too but good security as well especially keyloggers.

I tried Shadow Defender which is better in my opinion than Shadow User but seems to be a bit of a clone. Others here are using Returnil and PowerShadow, but I've never used them as they don't work in my hard drive configuration.

dja2k

-{ Quote: "I used GeSWall but have now moved to SandboxIE. Same kind of concept, virtual sandbox, but one being policy based. I don't have SandboxIE asking for permission to connect anywhere, maybe your seeing it being redirected through your browser's connection. SandboxIE if you configured it correct is easy and safe. Geswall is set and forget too but good security as well especially keyloggers.

I tried Shadow Defender which is better in my opinion than Shadow User but seems to be a bit of a clone. Others here are using Returnil and PowerShadow, but I've never used them as they don't work in my hard drive configuration.

dja2k" }-

Hi dja2k

I am using both Sandboxie and Shadow Defender. Like them both. Shadow Defender while is kind of a look alike on ShadowUser, it's a legit program, and not a copy. I verified that before buying it.

Pete

I know Pete, I was simply explaining to mack_guy911 since he mentioned ShadowUser. I stated "seems to be a bit of a clone" not saying directly that it is a clone. I'll watch my wording better next time. But yeah I know you use them both, I PM'ed you about Shadow Defender a couple of days ago. :D

dja2k

-{ Quote: "I know Pete, I was simply explaining to mack_guy911 since he mentioned ShadowUser. I stated "seems to be a bit of a clone" not saying directly that it is a clone. I'll watch my wording better next time. But yeah I know you use them both, I PM'ed you about Shadow Defender a couple of days ago. :D

dja2k" }-

My Duh. Tell you the truth I was mighty suspicuous, but grnxnm said no it wasn't.

Pete

Hi

The originator of this thread asked about which of the three products is best for "tight security".

One way to look at this is of course just to compare peoples views of the three products. Sandboxie, GesWall and BufferZone.

BUT Security in my view is not just a one product job. There is no product that will do everything. So if you use the internet, banking in particular, one aspect of tight security must be security of login information. This means guarding against keyloggers.

I don't think Sandboxie is particularly strong in protecting against this kind of threat (yes it ensures the keylogger has gone next time the browser is opened, but by then your information has been spirited away. I think some protection is afforded by B/Zone and GesWall but from what I see there are always Keyloggers around that will beat them.

So the BuzzWord is layered protection. Products that each are "best of breed" that work together well. There is a product called KeyScrambler, which I rate highly" that does not try to eliminate keyloggers it simply scrambles the keystrokes of passwords etc therebye defeating the object of Keyloggers.

Sandboxie, which I use is a small download and operating footprint. Not glamorous BUT works well with KeyScrambler on IE7 and Firefox. GesWall does NOT. The developers have said it may do in the future. Insofar as BufferZone is concerned, I do not know if it works with KeyScrambler. It is however bloated with,in my opinion unnecessary features and and my system was definitely not happy.

So hope this adds a little perspective to the debate

Terry

-{ Quote: "
BUT Security in my view is not just a one product job. There is no product that will do everything. So if you use the internet, banking in particular, one aspect of tight security must be security of login information. This means guarding against keyloggers.

I don't think Sandboxie is particularly strong in protecting against this kind of threat (yes it ensures the keylogger has gone next time the browser is opened, but by then your information has been spirited away. I think some protection is afforded by B/Zone and GesWall but from what I see there are always Keyloggers around that will beat them.
Terry" }-
Haven't tried this as yet and have no experience with key loggers.

Adding the below to Sandboxie's ini settings will stop anything sandboxed other than your your browser connecting to the net.Replace firefox with the browser you use.
ClosedFilePath=!firefox.exe,\Device\Afd*
ClosedFilePath=!firefox.exe,\Device\Tcp
ClosedFilePath=!firefox.exe,\Device\Udp
ClosedFilePath=!firefox.exe,\Device\RawIp
Wonder if these same settings will stop any key loggers installed unknowingly within a sandboxed browser session stop any outbound attempts by the keylogger.

Franklin

Hi thanks for that information.

Could you expand on it a little more please. Line by line basis?

The additions to the ini file what do they actually do? You appear not to be certain that they will stop Keyloggers so what actually do they stop connecting to the internet?

What happens if you want to use windows Media player sandboxed

Where did you find the info?

Thanks very much for your help

Terry

Hi Terry, think I've seen you over at SB's forum.

If I run WMP sandboxed with those extra ini settings it is unable to phone home, or so it seems that way.

Quite a big thread but should explain what you need.
http://sandboxie.com/phpbb/viewtopic.php?t=1903

Why is this topic posted in this section? ???

-{ Quote: "Why is this topic posted in this section? ???" }-This is the forum for sandbox discussions.

Forum Sticky....Anti-Malware separated from Privacy software forum (http://www.wilderssecurity.com/showthread.php?t=137935)
-{ Quote: "This section (other anti-malware software) is the place for discussions involving: anti-spyware, HIPS, sandboxes, anti-keyloggers, popup blockers, OS hardening, registry monitoring tools, and other similar products, that are not anti-virus or anti-trojan products, as those have their own dedicated sections." }-

-{ Quote: "There is a product called KeyScrambler, which I rate highly" that does not try to eliminate keyloggers it simply scrambles the keystrokes of passwords etc therebye defeating the object of Keyloggers.
" }-
This product has a compatibility bug- if you set up kernel-mode process creation notofication hookes, processes that has KS inside start to terminate realy slow. Their develpers are notified by me and working under this problem's solution.