A question about virtualization programs (SandboxIe, Safespace, Returnil) etc

Discussion in 'sandboxing & virtualization' started by Defcon, Jul 9, 2008.

Thread Status:
Not open for further replies.
  1. Defcon

    Defcon Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    337
    To be honest, I know about these but have never used them because I'm behind a router, have an AV and have never been infected. But that doesn't mean I'll never get infected, so I want to try them out.

    How do you use these when I am actively downloading programs, videos from youtube etc, running flash apps, and the browser (Firefox) also needs access to the filesystem for various addons (Scrapbook, saving bookmarks) etc.

    Is there an easy way to designate a set of folders which are not virtualized?
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I depends on which one you are using. Sandboxie for example doesn't need a reboot and provides a means for recovering downloaded files.

    They all are slightly different.
     
  3. Defcon

    Defcon Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    337
    What I mean is I don't want the files I choose to download, or the ones Scrapbook needs to read/write, to go through the virtualized stage, and have to remember to recover them. But any automatic downloads by a bad website (which will go to my windows system folder) should be caught.

    e.g. from reading about FD-ISR it seems to have this capability where your data folder can be shared across images. I want something like that.
     
  4. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    Well I think you can use a policy sandbox (GesWall, DefenseWall).
     
  5. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Actually FDISR has no such capability. You are expecting a program to tell the difference between a good and bad download?
     
  6. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    I think what the OP wants is that downloads that go to the data folder don't be caught by the sandbox, but if something comes and goes to lets say, system32 folder, it should be stopped.

    If that's the case, I would go with SBIE, and enable inmediate recovery. Downloads are just delayed by ONE CLICK. And if you see anything that goes to another folder, just don't recover it from the sandbox.
     
  7. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    I would have thought with the OP's needs GesWall/DefenseWall will be easiest. Downloads are just delayed by ZERO CLICKS (I think).
     
  8. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,119
    Location:
    Hawaii
    What you want to do is easily accomplished with Sandboxie. Simply enable direct access for those files, such as the ones mentioned in above quote. Poof! Mission accomplished.
     

    Attached Files:

    Last edited: Jul 10, 2008
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Actually side stepping downloads defeats the protection, and one doesn't really have to remember them. When my browser is closed the sandbox is automatically deleted, and if something was downloaded a box automatically pops up giving me the opportunity to recover. No big deal here.
     
  10. Defcon

    Defcon Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    337
    Thanks, I did not know about the file access settings in SandboxIE. I think that suits my needs, I'm off to try that out !!
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.