Sandbox testing

Discussion in 'sandboxing & virtualization' started by Drew99GT, Sep 30, 2008.

Thread Status:
Not open for further replies.
Page 3 of 3
  1. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    490
    The answer and the methods of finding them out are right infront of you. Wilders Forums has rules, Comodo Forums has rules. I'm abiding by them and not handing anything out to "Random people"

    You either have to follow the proccess or not. Either way, I'm sure that people using sandboxie in the group will report any exploits to sandboxie.

    and in regards to the post with BOoClean, It should stay in that thread as this is to do with Sandboxie here.
    I have explained all what needs to be said in that thread and if you wish to continue trying to find something to pick at feel free, but not this thread.
     
    Kyle1420, Oct 3, 2008
    #51
  2. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Hi,

    I just discovered a new form of user mode rootkit. Can't be stopped by windows policy management, sandboxes, etc.

    A pitty I can not tell you about it. I would have to kill you when I did.

    :cool: :cool: 7
     
    Kees1958, Oct 4, 2008
    #52
  3. ruinebabine

    ruinebabine Registered Member

    Joined:
    Aug 6, 2007
    Posts:
    1,096
    Location:
    QC
    Are you sure your choice of emoticons was the right one to carry on the purpose of your poast?
    :^)
     
    ruinebabine, Oct 4, 2008
    #53
  4. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
    Indeed - the user sitting behind the keyboard has always been the worst rootkit ever... and will continue to be for quite some time. :D
     
    doktornotor, Oct 4, 2008
    #54
  5. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,156
    Yes I have something to say about this




    And I also have something to say about this.

    Not yet mentioned in this thread anyone remember about the xtra settings that you can add to sandboxie to make it more secure which prevents programs from running inside sandboxie??



    ProcessGroup=<RunAccess_DefaultBox>,firefox.exe,sandboxiedcomlaunch.exe,sandboxierpcss.exe,start.exe
    ClosedIpcPath=!<RunAccess_DefaultBox>,*
     
    Last edited: Oct 4, 2008
    arran, Oct 4, 2008
    #55
  6. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    But those anti-execute settings defeat the whole purpose of testing.
    I use them for my everyday sandboxes, but I have 1 sandbox with almost default settings just to test malware.
     
    HURST, Oct 4, 2008
    #56
  7. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    490
    This might help might things a bit tighter in certain boxes

    BlockDrivers=y
    BlockWinHooks=y
    BlockFakeInput=y
     
    Kyle1420, Oct 4, 2008
    #57
  8. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Aren't those resources blocked by default unless specified to allow?
    Capture.JPG
     
    Franklin, Oct 4, 2008
    #58
  9. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Franklin you are right...
     
    HURST, Oct 4, 2008
    #59
  10. rolarocka

    rolarocka Guest

    With the new beta you can do this within the GUI of Sandboxie, there is a new menu called "Restrictions".
     
    rolarocka, Oct 4, 2008
    #60
  11. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    490
    Oh ok cool. I never looked into the gui, Just did everything by the .Ini
     
    Kyle1420, Oct 5, 2008
    #61
Page 3 of 3
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...