SurfinGuard vs. Sandboxie

Hello all,
I have a question.
I am using an old version of SurfinGuard It is version 5.70 build 281. I used it with win98 and winXP SP1 . It works well.
Now I heard of sandboxie. I want to give it a try. Do you think it is safer than SG ? Would I be more secure ?
Thank you

TA

 

well im tryin surfinguard now and it monitors executables, activex, java, and scripts. it also has other features like a sandbox function like sandboxie. its a bit outdated but offers a bit more than sandboxie can do.

 

Thank you WSFuser for your advice.

I will try sandboxie on another XP box and see if I like it.
I think it is more flexible than SG.

TA

 

The one thing I like about Sandboxie, that it will allow the whole browser to be run inside the sandbox. All changes to that browser are irrelevant.
I cant do that with SG I think. IE will not execute inside the SafeZone.
Good thing about SG is that an executable will be monitored automatically and executed in the sandbox. With sandboxie, if you DL a file with an unsandboxed browser you have to tell sandboxie to run it inside the Sandbox.

TA

 

I think they are two different application's. Sandboxie simply allows you to run your browser in a sandbox and then you can clean everything from the session as though it was never there in the first place. SG runs executables, activex, java, and scripts in it's sandbox, monitors how they behave and then if they are showing no suspicious methods then lets them through to your system. But if they show suspicious behaviour then SG stops them dead and pops up a message box telling you the how and why.

muf

 

Thank you muf for your clear explanation.
I agree with you. They are different application's.
But which one has the better strategy in controlling potential malicious scripts executables etc ? This is what I want from the app.
The thing is I do not want to disable all scripting, java, javascript, activeX, capabilities of IE or FF. To many websites today use these.

TA

 

I don't see Sandboxie popping up with anything to tell you something is suspicious. SG will. I used SG for a year or more and there were occasion's when it intercepted something and popped up a message telling me that it had detected suspicious behaviour. i.e A executable was trying to launch straight from the temporary internet folder. And i remember that i had not knowingly downloaded any executables. So it was a no brainer to realise it had done it's job. I like SG very much, but it does have a tendancy to 'be in the way'. I mean that you have to disable it to download anything otherwise whatever you download will be inspected by SG and the said file you download will be injected with a veryfier to say it's been cleared. Sometimes this can affect the file and make it not function correctly. So you need to disable SG whenever downloading a file to be on the safe side.

What you have to remember though is that in the past SG has proved itself by detecting some of the big exploits, and not needing a signature to do so. It detected them simply by the way they were behaving. Sober, Bagle and MyDoom to name a few. I was always impressed with it and was surpised more people didn't use it.

muf

 

What I have done with Sandboxie is placed shortcuts to "Run Default Browser" being FF on desktop,renamed to FF and changed to FF's icon.Same with IE.

I keep the original unsandboxed icons in the taskbar for easy access if needed.

No probs in remembering to run my browser through the sandbox now.

 

I think I will keep SG on my main XP box for now.
It has saved my box in the past and I know SG works.
But I will keep Sandboxie on my other pc and test it a bit, because I still like the concept of it. I have to see if it is impractical to use it or not.
SG is essentially a set and forget app. I hardly notice that its there and it just works.