Virtual Sandbox

[Diprivan]

Has anyone tried Virtual Sandbox (www.fortresgrand.com)
How does it compare to DefenseWall / Bufferzone / Sandboxie etc?

[Franklin]

That link doesn't seem to work.
http://www.fortresgrand.com/products/virtualsandbox.htm

Looks interesting though.The two other security apps look ok as well.Anyone tried any of them?

[Rasheed187]

I have checked it out and I´m still playing with it but I didn´t like the fact that it could not display my IE favorites automaticly, plus I also don´t like to be prompted about if an unknown app should run normally or sandboxed. Overall it´s an interesting app which also runs quite smoothly but at the moment it does not seem to be the sandboxing solution I´m looking for.

[Rivalen]

Defensewall is mainly aiming for Internet Security - i e safe surfing, downloads and emailing.

Outlook, IE and similar are untrusted = in the sandbox.

I have added A: and D: to the untrusted for further sandbox-protection.

I save docs, pictures - everything - into my docs - so have have put my docs into "secured files" so that info cant be stolen.

Word, Excel - "normal programs" that you trust and that arent onto internet -except for updates (ie MSAS) - all those are trusted.

No popups whatssoever. Support answers very quickly.

I am not an expert about how DW works so you should visit there site which you probably did already.

Cant compare cause I have only used DW and will stick to DW until it fails me.

Best Regards

[Diprivan]

I personally have settled on DefenseWall. First of all the software is stable and simple to use. The developer is very responsive and is quick to issue bug fixes. However I am a relative newbee and in a poor position to judge the efficacy of this type of software. It still seems to me that DW should be a killer security app, but I am very surprised that it hasn't created more of a stir at Wilder's. It seems that the small hardcore of frequent posters aren't particularly taken with this Sandbox-HIPS approach. For my education it would be interesting to hear their thoughts on the matter.

[Ilya Rabinovich]

Hi everybody!

First of all, as about subject- well, there are a lot of problems with this program if you have more that one logical disk in the system. My IE couldn't start, for instance. Also, it uses ring3-hooks inside the protection engine that couldn't be accepted as a good practice.

As about sandbox HIPS- the thing is that, originally, sandbox HIPS are for the regular (non-technical) users. As for the professional users (most of the Wilders posters)- they prefer classical HIPS and AV engines and, usually, don't discuss sandbox HIPS. I suppose, that there should came some time to change this situation.

As about stir- I have a lot of my work with the new versions and compatibility issues (as I do right now!). I have no paid people, I don't think spaming forums with the posts like "look at my great super-puper software! BUY IT RIGHT NOW!" is a good idea.

Now I concentrate on getting independent reviews to prove sandbox HIPS conception and DefenseWall itself as just a good and simple protective software for every users in the world! I believe that facts are much better then hollow words!

[Fernando Villegas]

Not paid in monetary terms. Perhaps. But paid in other ways.

[David50]

Quote:

Originally Posted by Rasheed187

... I didn´t like the fact that it could not display my IE favorites automaticly...

I am a developer working on Virtual Sandbox. We have fixed this issue. It should be in the online update in a couple of days. The fix also applies to Firefox, Opera, Netscape, AOL, Mozilla, and Avant browsers.

Quote:

Originally Posted by Rasheed187

...I also don´t like to be prompted about if an unknown app should run normally or sandboxed...

This is not an easy one. Please, if you wouldn't mind, what behavior would you prefer when an unknown application is encountered?

Quote:

Originally Posted by Ilya Rabinovich

...it uses ring3-hooks inside the protection engine that couldn't be accepted as a good practice....

Reflecting your concern, the windows hook is separate from all Virtual Sandbox code implementing security. The hook here is an autonomous piece of code that simply displays the Virtual Sandbox system button on the caption bar of applications that are running in an isolated sandbox.

[Rasheed187]

Hi David50,

I guess I don´t like the current approach, I have my own idea about how a sandbox should work. I think that you should have the ability to add certain apps to the "sandbox list" these apps will always run sandboxed. Files downloaded via the browser should also run sandboxed with the ability to move them out if you trust a certain app.

I do not want to be promted about all other apps, if I don´t add them to the list they should be able to run freely. I think DefenseWall and BufferZone come close to what I want. But BufferZone is a resource hog and DefenseWall´s GUI is simply ridiculous.

And btw, on my virtual machine, the Virtual Sandbox configuration wizard is taking extremely long to complete, very frustrating.

[David50]

Quote:

Originally Posted by Rasheed187

I think that you should have the ability to add certain apps to the "sandbox list" these apps will always run sandboxed. Files downloaded via the browser should also run sandboxed with the ability to move them out if you trust a certain app.

There is a “sandbox list”. There are actually four exclusive lists for applications, classifying how they should launch. In Virtual Sandbox parlance each known application has an assignable Treatment Option. The Treatment Options are:
1. Start normally
2. Do not allow to start
3. Prompt the user
4. Launch in Default Sandbox

New programs that are downloaded (or copied or installed from removable media, etc.) are automatically placed in the “Prompt the user” list. (Except, new programs signed by a “trusted” publisher, are placed in the “Start normally” list.)

Per your suggestion, we will add the ability, probably under the Options menu, to automatically assign newly downloaded programs to the “Launch in Default Sandbox” list.

Quote:

Originally Posted by Rasheed187

And btw, on my virtual machine, the Virtual Sandbox configuration wizard is taking extremely long to complete, very frustrating.

With respect to the configuration wizard, it has to search for executables and verify digitally signed files. We have tried to make it as fast as possible; unfortunately these operations take time and presently must be completed during the install. We will revisit the wizard to see if we can speed it up or defer certain operations.

[ErikAlbert]

I have one big problem with virtual protection in general.
I just don't know against what I'm protected and against what I'm NOT protected.

If I use a software like Faronic's Anti-Executable, I have at least a very good idea what it does.
If I use any scanner, I've to guess what it does.
If I use any sandbox, I've to guess what it does.
Maybe that's the explanation for layered security : if you don't what some security softwares do, another software MIGHT do the job.

[Rasheed187]

@ David50

Quote:

There is a “sandbox list”. There are actually four exclusive lists for applications, classifying how they should launch. In Virtual Sandbox parlance each known application has an assignable Treatment Option. The Treatment Options are:
1. Start normally
2. Do not allow to start
3. Prompt the user
4. Launch in Default Sandbox

But that´s the thing, like I said, I do not like the current approach, I do not want Virtual Sandbox to do a startup scan, and I don´t want to be prompted about anything. The way it´s working right now is too intrusive. But I guess this app is not suited for me.

[gderreck]

This is directed to David. I have purchased the product. It does not allow anything to pass. That can be cumbersome but provides the best protection. I have a question. How do you create a custom sandbox. Typically for the default sandbox, I don't want internet access. But I do for IE. Also, if I'm going to run IE in a sandbox, I want it to be able to save favourites, cookies and add-ons (you'd probably want to be promted for downloaded program files). I don't want that to be general behaviour in the defaut box. My preference would be to have a restrictive default, and the ability to create a custom sandbox for certain apps. How do I do this? The help files is generally well thought out, but it either does not address this, or I saw it and didn't know it.

Regards

[gderreck]

PS
You need a fourth option for each application: create a custom sandbox. In time, you should create default sandboxed for certain applictions: internet browsers, chat applications, etc.

[SDS909]

Just use the freeware and very very good Sandboxie.

http://www.sandboxie.com/

All you need.

[stewieg]

Quote:

Originally Posted by SDS909

Just use the freeware and very very good Sandboxie.

http://www.sandboxie.com/

All you need.

I disagree. I tested both of these programs out, and I found sandboxie to be a bit overrated. For one thing, the interface wasn't very navicable or intuitive IMOHO. And any of the "features" that it had, you had to register for it to activate any of that. I just didn't like the feel of it very much. I wasn't sure what was going on behind the scenes to know whether anything or not was trying to compromise my computer. I felt that it was too easy to accidently "approve" (is that the right word?) potentially malicous executables.

After I tested that out, I used virtual sandbox and found it to be exactly what I needed. I agree with gderrek in that I'd like for my favorites to be saved, so if david50 is listening, do you guys plan to add this feature anytime soon?

Even though virtual sandbox prompts all of the time for any new "unknown" program that is trying to run, I sort of like that part about it in the sense that if I don't know about it, I'd like to see what it's all about before I let it run freely. I agree that it was a bit annoying at first, but after you get it configured, and get the general things out of the way via digital signature trusting, etc., it has been running smoothly ever since. I also liked the sandbox explorer portion so I could see exactly what each sandbox was trying to do. Alright, I've rambled enough.

[David50]

Quote:

Originally Posted by gderreck

How do you create a custom sandbox. Typically for the default sandbox, I don't want internet access. But I do for IE.

This is a typical developer response, but anyway…Version 1.1 easily supports multiple sandbox configurations. It is a free upgrade and should be out at the end of next week.

There is a way to accomplish what you want with your current version by using the command line tool, FGVSCMD.EXE. It can create custom sandbox configurations on the fly. This is sparsely documented in the help file. Just as an example though, to spark up a sandbox with Internet access running IE (starting at the page www.WildersSecurity.com) you could issue the command:

C:\Program Files\Fortres Grand\Virtual Sandbox 1.0\FGVSCmd –bij –f C:\Windows –f “C:\Program Files” www.WildersSecurity.com

Quote:

Originally Posted by gderreck

Also, if I'm going to run IE in a sandbox, I want it to be able to save favourites, cookies and add-ons...

Typical response again…Version 1.1 provides an option to map your actual favorites and cookies into the synthetic, and otherwise empty, user profile created for each sandbox.