Sandboxie Alternative

Discussion in 'sandboxing & virtualization' started by dlimanov, Jul 20, 2009.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    I am away from home. I will check and reply later. What is your Opera version and OS?
     
  2. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Windows XP Professional SP3 ("Performance Edition", but shouldn't matter I think) fully updated with Opera v9.64 (latest stable) build 10487.
     
  3. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Here's a question that's very important to me... do Allow-rules go before Deny-rules?

    An example...

    Opera has pre-defined directories of its own which it's allowed to access. If I create a global-rule to deny creation in the Program Files-directory (root - which means it includes all sub-folders), would that create any problems for Opera, or does its Allow-rules kick in?

    Alternatively, since Opera is my main isolated application, could I instead create a deny create rule for Opera without getting problems?


    With "problems", I don't include software that I download to install and trust, cause I always re-run them as non-isolated just in case.



    Why would I want this kind of rule? I saw a good example through Matt Rizos' review; rogues. Rogues might still create things under Program Files, and I simply want to save myself from the hassle of eventual infections of those and other malware with similar approach in their installation - even if I don't think I'll get infected by them myself.
     
  4. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    There are two types of rules: Global rules and Application Specific rules.
    Application Specific rules override Global rules (allow/block doesn't matter).
     
  5. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Thx for the answer - I realised the answer lies in personal testing in my particular situation, so I had already begun. Gonna fiddle around with some settings (rules in GeSWall's case ofc ;)) as time goes by and ideas pass my mind to make the hardening as effective but seamless as possible. :)

    EDIT: It's indeed the other way around, isn't it? Global rules have highest priority? o_O
     
    Last edited: Jul 22, 2009
  6. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    No, application-specific rules have highest priority.
     
  7. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Okay, cause this is not what seems to be when I for example do like this... I've an allow-rule for the folder where I put my backup for bookmarks for Opera, and this is specified specifically for Opera - an Application-rule. Then if I make a Global-rule to Deny Create on my G:-drive, which is my so called "file-drive", Opera has dead-stop access even to that folder, which does reside on the G:-drive.

    I can see some kind of logic why this is not working, but I don't think it's good or flexible because of that. :(
     
  8. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    You are right. Here the application rule is not overriding the global one. I don't know the reason. Hmm... you might post on their forums.
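
    A small model of the two precedence orders discussed in posts 4 to 8, as an added example that is not part of the thread and not GeSWall's actual rule engine. The rule tuples, the folder `G:/Backup/Opera` and the function names are constructed for illustration; it shows which order reproduces the block reported in post 7.

```python
from pathlib import PureWindowsPath

# Constructed rules modelled on the thread; the backup folder name is a placeholder.
# Fields: (scope, application, action, operation, folder)
RULES = [
    ("global", "*", "deny", "create", "G:/"),
    ("app", "opera.exe", "allow", "create", "G:/Backup/Opera"),
]

def matching(rules, app, op, path):
    """Rules whose application, operation and folder cover this access."""
    target = PureWindowsPath(path)
    hits = []
    for scope, rule_app, action, rule_op, folder in rules:
        root = PureWindowsPath(folder)
        covers = root == target or root in target.parents
        if rule_app in ("*", app.lower()) and rule_op == op and covers:
            hits.append((scope, action, len(root.parts)))
    return hits

def app_rule_first(rules, app, op, path):
    """Application-specific rules beat global ones; deeper folder breaks ties."""
    hits = matching(rules, app, op, path)
    if not hits:
        return "default"
    best = max(hits, key=lambda h: (h[0] == "app", h[2]))
    return best[1]

def deny_overrides(rules, app, op, path):
    """Any matching deny wins, whatever its scope."""
    actions = {h[1] for h in matching(rules, app, op, path)}
    if "deny" in actions:
        return "deny"
    return "allow" if actions else "default"

MODELS = {"app_rule_first": app_rule_first, "deny_overrides": deny_overrides}

def consistent_models(observed, app, op, path, rules=RULES):
    """Names of the models whose decision equals what was observed."""
    return [n for n, f in MODELS.items() if f(rules, app, op, path) == observed]

if __name__ == "__main__":
    target = "G:/Backup/Opera/bookmarks.adr"
    for name, model in MODELS.items():
        print(name, "->", model(RULES, "opera.exe", "create", target))
    # Post 7 reports Opera being blocked in that folder.
    print(consistent_models("deny", "opera.exe", "create", target))
```

    Running the same comparison against a rule set exported from a real policy is a quick way to find which of two overlapping rules actually decides an access before relying on it.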
     
  9. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Nah, it's not too important for me with that rule anyway. If malware would write at that location, it would still be isolated, right? :)
     
  10. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Yes, it will be.
     
  11. wembleyy

    wembleyy Registered Member

    Joined:
    Apr 21, 2009
    Posts:
    47
    BufferZone
    Fortres Grand Virtual Sandbox

    These are a couple more sandbox applications.
    My personal choice would be BufferZone.
    You can also use

    Symantec.Software.Virtualization.Solution for applications


    I'll be interested to know if there are any other sandbox applications.
     
  12. dlimanov

    dlimanov Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    204
    Gentlemen,
    Thanks to all who responded. Looks like Managed EdgeGuard (enterprise version of AppGuard) may be the way to go. I have yet to see their management console and get some more details on client/server communication.
    I have tested BufferZone and it rendered my machine completely unusable: any browser or protected application would take minutes to start, as opposed to seconds. I liked their idea and client UI is pretty neat, but it makes no sense if the product itself is unusable.
    I also tried Virtual Sandbox, unfortunately it wasn't stable enough to concentrate on it; also it had troubles displaying browsers properly with its own formatting.
    I've tried other products as well, but none appeared to have been suitable for an enterprise. Most are targeting home users, which won't work in my case.
    I will keep looking as well as spend some time on EdgeGuard. I will update the thread as things progress.

    Thanks again!
     
  13. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Just curious, what's your opinion about the enterprise versions of GeSWall and SafeSpace?
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    I was at the GeSWall website and was reading to compare the difference between the free and paid versions of GeSWall ;) and something got my attention: the paid version has Malware termination options and the free version does not. What is that? I tried the free version and it also terminates malware :D Again, what is that? Thanks :thumb:
     
  15. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    I think it's when you see an attack detection. In the free version, it'll just notify, but ofc still block all that's being made (after all, it wouldn't really have to notify you about those actions at all since they're just blocked, but it's for the user's convenience). In the pro version, however, it'll let you terminate or ignore what's being made, through two separate buttons on the pop-up which reports attack detections. This means you can faster terminate something which is proven to be malware - simply more direct-options, rather than going through the console. That's it.

    That's what I think it is, because I've not seen it in the free version, and I don't have this configurability in the free version, or other configurability seen in the pro version for that matter, in the tray-menu.
     
  16. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Cool :thumb: thanks
     
  17. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    I dunno what other people consider me, but I do like the operation which an average Joe likes; keep it seamless, only prompt or make me take action when absolutely needed. ;)
     