antivirus, hips and sandboxes

Discussion in 'other anti-malware software' started by jmonge, Jul 4, 2008.

Thread Status:
Not open for further replies.
  1. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,344
    Location:
    U.S.A. (South)
    Hey come on, keep a few on the grill for your neighbors too. :D LoL

    Yeah, i was going to reply earlier but decided against it untill another user that uses both could attest to their success using both. I always use one or the other but i have used them both in the past myself with no probs.

    As far as overdoing it, malware don't stand a chance in Hades hole of so many hoops they have to climb and with an electric fence in their path, they don't stand a snowball's chance of hopscotching very far untill their toast. :D
     
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,922
    Location:
    Canada
    yep.:) after eating all that barbacue i have to delete the sandbox:D
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,922
    Location:
    Canada
    i dont run any scaners,and i know it is very usufull to use them but i dont anyway.i run DefenseWall+SandBoxie+returnil+windows firewallo_O
    no softwares firewalls runing.
    ofcourse some restrictions for outbound connection in sandboxie.
     
  4. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    My setup is almost the same. Defensewall + Sandboxie + Returnil + Prevx + Windows Firewall + Router. I also have SAS Pro but only use that on demand. So depending on how you classify Prevx, I have no AV scanners on the go.

    I use Defensewall + Sandboxie together all the time with no problems. I find that one compliments the other.
     
  5. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Can you please post how they compliment?
     
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,922
    Location:
    Canada
    hey thats good protection you got there man.:D
    i trust those 2 together:D
     
  7. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,922
    Location:
    Canada
    DefenseWall and SandBoxie are like two happy brothers:D
    they protect your pc in a different way but you get protected anyway.
     
  8. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Sure! If I recover a file from the sandbox (Sandboxie) to my hard drive, it is still listed as "Untrusted" by Defensewall. Plus, if anything was to break out of Sandboxie it is still covered by Defensewall.
     
  9. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,922
    Location:
    Canada
    hey treedog,so let say if you save some thing out the sandbox will defensewall mark that file as untrusted.like GeSWall label as untrusted with the litle g icon.i am curious do we get a label mark with DefenseWall i never pay attention to that?:eek:
     
  10. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    It will still be listed as untrusted by Defensewall if it comes out of Sandboxie. That's what I like about that setup. Plus, if I am didling around with dangerous stuff, I usually have Returnil kicked in also. So everything is well contained and easy to get rid of. And lets not forget Prevx is checking out anything that executes.
     
  11. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,922
    Location:
    Canada
    thats like 3 blankets to cover from the flue rigth treedog:thumb: :thumb:
     
  12. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    That's the way I look at it Jmonge. I don't really need all this stuff but it's fun to play with. Of course, if all fails I still have my "Nuke" cd and clean image to start all over again.
     
  13. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    I think you could also had a behavioural blocker.
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,922
    Location:
    Canada
    is threatfire a behavioural blocker?thats the only one my pc likes:D but at the moment i gave threatfire a break.
    before i tried avast's behavioural blocker built in the app but i dont like to run scaners and got rid of it even if it free.
     
  15. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Yuppers, Threatfire is a behavioral blocker. I have never used it so I don't know all that much about it. Only what I have read on here from others.

    That's why I have Prevx thrown into my mix. Its a combo behavioral blocker/hips and also checks any executable run against a database looking for baddies.
     
  16. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,105
    Location:
    Mountaineer Country
    Re: antivirus ,hips ,and sandboxes

    I agree with your Threatfire suggestion but I still think an outbound firewall/protection is good for an average user in certain situations. While you and I are careful with what we download and where we get it from, others may not be. Then again, they would have need to know how to answer the firewall prompt :doubt:. I guess it's a tough call either way and I do see both sides. I still like that extra chance I get to block a program that wants to call out.

    When DefenseWall adds the outbound protection, it will be a very nice addition.
     
  17. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    With Prevx on "Pro" mode, it will throw a pop up if something tries to call out while it is installing. It works with Windows Firewall to give a bit of outbound monitoring.
     
  18. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,922
    Location:
    Canada
    hey threedog prevex sounds like a cool tool.

    innerpeace is what i need for my pc and to answer question to a firewall is prety anoid for me cause my pc is a familly pc so thats why i use the silent
    aproach.may be threatfire pro has the outbound silent aprouch i need for my familly pc.and yes i am very happy to heard that defensewall is adding outbound protection for untrusted apps.:D that way i only use my windows xp firewall for inbound protection and defensewall for outbound protection.:thumb:
     
  19. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    Yes, ThreatFire is a behavioural blocker. I didn't know Avast had a behavioural blocker, what's it called?

    Thanks
     
  20. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Re: antivirus ,hips ,and sandboxes

    Personally I think this is the key point and sums up the argument. Most users (including me actually) will just click allow if there are a lot of pop ups.
     
  21. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,572
    Exactly.
    Been running both for a while now myself.
     
  22. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Sorry guys posted this in my thread, but is also applicable on this thread, see https://www.wilderssecurity.com/showpost.php?p=1274971&postcount=32

    @JJmonge,

    You are using three types of sandboxes, this might increase security but to me it is like having safe sex with a normal condom, a glow in the dark condom, and a ribbled one. Because you put on the ribbled condom first, next the glow in the dark and last the normal one, the added effects (added value) of the first two are reduced to practically zero. It also reduces the moment of romance/passion, because it takes so much time to put them all three on ;) ;) ;)

    But hey it is your computer, do as you like/feel best (security is a state of consious/mind, not an objective fact)
     
    Last edited: Jul 6, 2008
  23. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Yes but depending on how nasty the malware (or partner in the analogy), it may be beneficial to wear all three. :D

    I like the policy + containment aspect of Defensewall + Sbie for surfing. Like I said above, both work in different ways but benefit the other. Returnil, I use more for testing software rather than surfing, but it is there if I need it.
     
  24. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,922
    Location:
    Canada
    my wife vs returnil?my wife wins:D
    she didnt like the facts that you have to reboot for any changes to go or if she makes any changes can not be save so i am here very sad and anounce that i let returnil go away.

    yeap avast also has a behaviour blocker you have to dig a bit to find it,it is very simple and it gives you the chance to get pop ups(which i dont like)
    i think i dont remenber but you could find it network shield or webshield one of those and then advance i believe and then you check mark the one you need to protect on read,delete,write something like that.if i downloaded tomorrow i can tell you i dont have install rigth now.
     
  25. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    Is this for Avast free or Pro? I know the Pro version has a script blocker.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.