Defensewall & Sandboxie

Discussion in 'other anti-malware software' started by TheKid7, Dec 14, 2009.

Thread Status:
Not open for further replies.
  1. TheKid7

    TheKid7 Registered Member

    Jul 22, 2006
    I have seen many of the other Threads on this subject. I already have Sandboxie setup and running the way I want on my PC's. I would like to install Defensewall on my PC's.

    Are there any disadvantages to installing Defensewall without making any configuration changes (from Default) to Defensewall?

    If you were to make changes from default for Defensewall, what changes would you make and why?

    Thanks in Advance.
  2. Chuck57

    Chuck57 Registered Member

    Sep 2, 2002
    New Mexico, USA
    I run DW 2.56 and Sandboxie.

    The only change I've made in Sandboxie is to allow only my browser to connect to the Internet and I have Drop My Rights enabled.

    DefenseWall, I'm running just as I downloaded it. No changes at all. I don't see any reason to change it from the regular configuration. I'm confident that if anything gets through Sandboxie (which I doubt), DW will catch it.

    Defensewall and Sandboxie is as close to ideal, I think, as you can get, and you don't think you need to change anything in defensewall.

    Also, with the above two softwares, I don't think any other security is needed.
  3. Kees1958

    Kees1958 Registered Member

    Jul 8, 2006

    It really depends wehther you want a risk based setup or paranoid setup.

    Risk assessment setup
    Normally either of the two programs is strong enough to provide you with all the protection you need. So when assessing riks you would like to complement the protection each of these programs offers.

    Protects you until you decide to trust something.. This could only be applicable when you would like to install a programs which requires admin rights. So the protection of DW ends when trusting a program. This is where teh protection of Sandboxie shoudl start.

    Protects you until you decide to recover something out of the Sandbox. This is where the protection of DW should start.

    Program installation protection
    Define a special directory called (e.g. C:\%UserProfile%\Ïnstall_from_here). Mention this directory in the Defense Excludes (tab Advanced options). Define this directory als as a forced folder in Sandboxie. Now Sandboxie automatically starts protecting when something is installed from this directory.

    File recovery protection
    Check your sandboxes: Define a few imediate recovery directories in Sandboxie, e.g. C:\%UserProfile%\Down_loads and C:\%UserProfile%\Desktop. Now go to DefenseWall and add those two directories in the Untrusted programs list (although it is named profgrams, you can also set files and folders to untrusted). Now DefenseWall starts protecting when something is recovered in those directories.

    Risk based usage
    Normal Usage
    The easiest way is to use DW as your only defense. Sandboxie will kick in as you want to install something.

    Risky/dodgy surfing
    Use your prefered Sandboxed browser (through SBIE quick link). Now your are sure absolute no traces are left over when you stop browsing (set this sandbox to clear at closure). Any files you download in the recobvery directory are handled by DW. During surfing your are double protected (first the virtualisation application container of SBIE, secondly the policy management container of DW).

    As said, only when you want to reduce the overlap o these programs. When you have a multi core PC it is problably irrelevant and you would be using the Risky Dodgy surfing screnario all the time.

    For mail programs
    DW keep it standard. Sandboxie, exclude the mail programs from your sandboxes, but define the directory where you store your e-mails in as a Forced folder.

    Regards Kees
  4. reinwald

    reinwald Registered Member

    Apr 4, 2009
    really good and thought out suggestion! thanks kees!
Thread Status:
Not open for further replies.