SandboxIE+NOD2.7

Discussion in 'sandboxing & virtualization' started by Stijnson, Apr 4, 2008.

Thread Status:
Not open for further replies.
  1. Stijnson
    Offline

    Stijnson Registered Member

    At the moment NOD32 2.7 is my AV. This AV has 2 modules called AMON (monitors all disk writing/reading) and IMON (monitors internet files reading/downloading etc).

    Does anyone if these modules continue to work properly (read: scan files) when a browser is sandboxed? I hope there are other NOD32 2.7 users here who can help me out.
  2. MikeNAS
    Offline

    MikeNAS Registered Member

    Yes of course they work like before.
  3. Stijnson
    Offline

    Stijnson Registered Member

    Apparently not, because the number of files scanned by IMON doesn't increase when browsing sandboxed. Or is there a workaround for this?
  4. MikeNAS
    Offline

    MikeNAS Registered Member

    I installed latest Sandboxie and latest (I can't download 2.7 NOD via their web pages) NOD. I run Firefox inside of Sandboxie and Web access protection number of scanned objects working like it should.

    EDIT: It's nice that I don't have to restart computer if I like to use NOD :D
  5. Stijnson
    Offline

    Stijnson Registered Member

    Yes, but that means that you are using NOD v3 (which works without AMON/IMON modules).
  6. MikeNAS
    Offline

    MikeNAS Registered Member

    Yeah maybe that is problem :argh:
  7. Stijnson
    Offline

    Stijnson Registered Member

    I guess so :D
    So my initial question still stands...:)
  8. MikeNAS
    Offline

    MikeNAS Registered Member

    I test version 2.7 now. I inform results soon.
  9. MikeNAS
    Offline

    MikeNAS Registered Member

    It looks like that IMON scans sandboxed browser but scanned files number is always same. File: status changed correctly so that's why I believe everything is ok. Some wiser can correct if my opinion is wrong :D
  10. Stijnson
    Offline

    Stijnson Registered Member

    That's great MikeNAS. Could you also let me know how AMON behaves INSIDE the Sandbox? Does it scan all files, so also the files IMON doesn't?
  11. Stijnson
    Offline

    Stijnson Registered Member

    File status changed? Can you explain what this means?
    I think Marcos at some point stated that IMON wasn't able to scan inside a sandbox, that's why I'm amazed about your findings.
  12. MikeNAS
    Offline

    MikeNAS Registered Member

    AMON working correctly. Scanned files number is ok too.

    I mean that IMON actually see sandboxed browser web page address and files.
  13. Stijnson
    Offline

    Stijnson Registered Member

    So it DOES show the correct url in IMON, but the number of files scanned doesn't increase? Is that a correct assumption?
    This could also mean that the files aren't being scanned by IMON at all, just showing the correct url...Hmmm.
    Does AMON scan these files I wonder.
  14. MikeNAS
    Offline

    MikeNAS Registered Member

    That's correct assumption. AMON scans sandboxed saved files.
  15. Stijnson
    Offline

    Stijnson Registered Member

    Saved files being files downloaded and saved outside the sandbox? But what about the urls and links a user visits while browsing in a sandbox?
    Wouldn't this be harmful?
  16. MikeNAS
    Offline

    MikeNAS Registered Member

    saved files = inside of sandboxie and of course outside too :D

    urls and links aren't harmful because all files are inside of sandboxie and if something comes to your sandboxed computer AMON scans that. And of course just empty your sandbox and everything is gone.
  17. Stijnson
    Offline

    Stijnson Registered Member

    All I needed to hear. Thanks Mike, you've been of great help! :thumb: :thumb:
Thread Status:
Not open for further replies.