BufferZone free version

Discussion in 'sandboxing & virtualization' started by overangry, Jun 2, 2010.

Thread Status:
Not open for further replies.
  1. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Check the address in the pics I posted. XP VM.
     
  2. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Old lazy system programmers & out of the box .....

    The ones I know use bufferoverflow tricks to initiate internal tables in a 'lazy' manner.. Lazy is minimal code with maximal effect. How does this relate to out of the box?
    :D
     
  3. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    Thanks Franklin. I had to unhide the directory to see c_. However, when I drag and drop my firefox icon into c_, it remains as a shortcut and does not start in the BZ. I'm obviously doing something wrong. Not sure what.

    thanks
    Ice
     
  4. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    lol, too funny.
     
  5. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Pin FF to the start menu then drag and drop that icon into the BZ C drive.

    A normal FF desktop shortcut icon doesn't work here either.

    You can also right click BZ's C drive and send to desktop (create shortcut) then drag and drop FF that's pinned to the start menu straight into the BZ C drive shortcut.

    Or copy and paste FF's whole program's folder to BZ C drive then create a desktop shortcut of the FF exe within and now it should start within BZ.

    Any malware.exe sample on desktop that's dragged and dropped into the BZ C drive desktop shortcut is starting through BZ as well here.

    One.JPG
     
  6. roady

    roady Registered Member

    Joined:
    Mar 27, 2005
    Posts:
    262
    Did anyone try their free security test?
    Code:
    http://www.trustware.com/Free-Security-Test/
    On win7 32 bit,everything was stopped by the BufferZone Pro trial,so I gave the security test a shot with SandBoxie 3.45.14 64 bit on my Vista 64 partition.

    Results for SandBoxie:
    1/Launch your Windows Calculator. FAIL

    2/Abort your Internet Explorer. FAIL

    3/Access several sensitive files (no harm will actually be done), and scan your "My Documents" folder where you most likely keep your private information. SUCCES :argh: :argh:

    4/We will place your sensitive file names (names only!) on our server. Your firewall may notify you of our demo trying to access your system. This means that our simulation was successful and is reporting its findings to our server. FAIL

    Although the idex results and transfer of my "My Documents" folder was blocked to their server,there was a notepad file in the sandbox that listed the contents of it,so there's a way to access files outside SBIE's sandbox.

    Most likely,as I'm relatively new to sandboxing and virtualisation,I haven't SandBoxie properly configured or tightened enough,but it's a strong point for BufferZone that it blocks that kind of behaviour right out of the box,without (novice or inexperienced) users having to crunch through a lot of configuration tabs and helpfiles.
    Even if the file wasn't uploaded,I'm worried about the fact that their test program could actually acces folders out of the sandbox.....
     
  7. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    i tested the free version with real malware and BZ was stable and protected my system:thumb:
     
  8. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557
    bump. o_O :D
     
  9. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    Thank you Franklin, I took door number three! Very nice program and works well with FF.

    Ice
     
  10. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    Decided to try BZ free. I have an older version desktop XP pro along with other things and have always like bufferzone. I'd completely forgotten about it since I use this laptop w/Vista HP almost exclusively.

    When I downloaded it and rebooted, I got a strange message telling me that 'Windows has been illegally changed' or something to that effect, then went into shutdown. After booting up again, all was okay.

    With 2G RAM and Vista HP there is a very slight slowdown with BZfree, but not bad. I'm still playing with it and, as on my desktop, I like this new version of Bufferzone. It plays well with Defensewall 3, which I also use, although probably overkill.

    There's supposed to be a way in the free version to schedule an automatic emptying of BZ. Haven't found that yet, but it doesn't take much but a couple of mouse clicks to do it manually.

    It's a good alternative to Sandboxie, which simply refuses to run on this laptop for some reason. I think BZ is a keeper.
     
  11. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,294
    I'm running bufferzone pro and have just 1-issue.

    When opening pdf's,they will not display or open correctly.
     
  12. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    Strange error. I'm running win7 32 with ie8 and using BZ free, the pdf displays an error opening pdf doc. Close your browser and try again. But when I click the ok button, the pdf opens up in the BZ. :eek:

    Ice
     
  13. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,294
    Fixed it, changed my pdf viewer from Foxit to Free eXpert PDF Reader :thumb:

    Bufferzone is a pretty cool program IMO.
     
  14. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,531
    Location:
    British Columbia
    i'm alittle confused by some of the comments here pertaining to browsers. Simply right clicking on the firefox or iron chrome icon and selecting "open in bufferzone" works fine.
     
  15. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Not to ask a dumb questions....Is Bufferzone considered a virtualization or policy restriction like geswall?
     
  16. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,294
    Virtualization
     
  17. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    sandbox/virtualization of files;)
     
  18. johncage

    johncage Registered Member

    Joined:
    Aug 11, 2008
    Posts:
    70
    Does right click a .*exe file "open inside BZ" do the same thing?
     
  19. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Yep, that works here with a 5 second delay which I didn't bother trying as the first option brings up a "This functionality only available..." so I didn't bother checking the others. How embarrassing. :D

    Thanks tobacco for pointing that out. Way easier than dragging/dropping icons all over the place. :)
     
  20. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Bufferzone is a very smart application virtualisation program, which requires less user interlligence than with other application virtualisation softwares


    Bufferzone (Pro)

    1. Runs programs like SBIE forced into the sandbox or with right click on demand
    2. Allows installs into AND offers program specific removes from the sandbox
    3. Sandbox survices sessions, seperate maintenance options to clear the sandbox, compared to SBIE it only has one (1) sandbox (so no different settings like SBIE per sandbox possible).


    Things I like about BZ Pro
    1. Places a clear mark (BZ icon) when stored objects are virtualised, draws a red line when virtualised programs start.

    2. Has a unique feature to sandbox, allow or deny or ask when any NEW PROGRAM or SCRIPT (2 seperate options) tries to run which is created by TRUSTED programs, so in this way it looks like Comodo sandbox (or any anti-executable program like old process guard)

    3. Allows mail programs to start visualised, but let the mail and attachements be stored onto the real system. Due to option 2, you are still protected without the hassle (as with safespace and SBIE) to keep them in a sandbox (which has consequences for interaction and useability). So it has the same usage advantage of a Policy Sandbox application (like DW and GW).

    4. Offers settings trough a GUI menu (like firewall option of sandboxed programs).

    5. Does a better job than SBIE in regard to keylogger protection in sandbox sessions (with SBIE you can work around this SBIE disadvantage by starting a clean sandbox session, doing your sensitive business and clear the session when you are done).

    That is why I think it is more appropriate for people sharing a PC with noobs or making their first steps into applcation virtualisation. It looks like more like SafeSpace than SBIE (1 sandbox + easy GUI), has Comodo Sandbox for things created by trusted aps (so offers system wide protection, instead of only on threatgates) and has policy management ease of use/transparency for mail programs (looks more like DW and GW for the user, in this sence that user ca be totally unaware of BZ, while having full functionality).
     
    Last edited: Jun 7, 2010
  21. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,531
    Location:
    British Columbia
    and i guess the mods have forgotten that we now have a "virtualization section":p
     
  22. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    Actually Kees, adding the url with the Citrix server to the Privacy zone accomplishes what I need. Since I know the Citrix server is safe, BZ will let it run normally with a green border around the browser session. So it works out of the box!!!!! Back to my old lazy system/programmer ways.:D

    Ice
     
  23. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    Excellent Analysis. I thought it reminded me of SafeSpace also but with less issues.
    Ice
     
  24. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Only downside = sloooooowwwwww compared to Sandboxie

    I allways disregarded BZ becasue SBIE was faster and often was more resistant against new PoC's/threats. Also at BZ launch they offered a price for anyone able to hack BZ. They made some noice but became very quiet when Ilya (of DefenseWall) brough BZ down wthin an hour.

    Because I got a free giveaway I took the time to play with it.

    Especially the Comodo like capabilities are something which makes BZ stand out. It also allows for simpler security of mail programs. What also is a nice feature is to provide keylogger protection in sandboxed sessions. BZ was one of the first to offer a sandbox with a FW control. So i think they conceptually make nice things, but Tzuk and Ilya are better programmers (IMO, speed of bug responses, new exploit solution found, etc).

    For people making first steps to application virtualisation (see for example usage related questions https://www.wilderssecurity.com/showthread.php?t=274246) BZ Pro is a good option.

    Regards Kees
     
  25. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Not seeing any slowness to worry about here Kees.

    BZ as the only security app and only app that auto starts in an XP VM with a gig of ram allocated.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.