AppGuard - Changes from Default

Discussion in 'other anti-malware software' started by TheKid7, Jul 22, 2009.

Thread Status:
Not open for further replies.
  1. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    I am thinking about trying out AppGuard. I have read that it is "almost" an install and forget program. However, I was wondering if people on this forum will share what changes to AppGuard Settings that were made after installing AppGuard and the reasons for these changes.

    Thanks in Advance.
     
  2. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Increased the suspend protection (deny execute in user space) to 15 minutes, to facilitate large Windows Updates. That is it, nice easy to use rights restriction application.

    What you could do is, use AppGuard for daily protection of most microsoft and internet facing aps. Set Sandboxie to use a forced folders for temp directories and a special install directory, don not use SBIE for all other internet facing software, especially a dodgy browsing sandbox for Chrome or Iron (so you have in two seperate layers policy management sandbox of Chrome and application virtualisation of Sandboxie, which makes it near impossible to break). In this way all your new installs can only happen when you say so, plus you install them in a sandbox (through forced folder option).
     
    Last edited: Jul 23, 2009
  3. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    Thanks for your reply.

    I am a little confused on this part. Please clarify.

    "don not use SBIE for all other internet facing software, especially a dodgy browsing sandbox for Chrome or Iron (so you have in two seperate layers policy management sandbox of Chrome and application virtualisation of Sandboxie, which makes it near impossible to break)."

    Thanks in Advance.
     
  4. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Sorry, completely messed up.

    1. When you have SBIE, you do not need Appguard.

    2. When you would like Appguard (because it is so CPU friendly and offers a decent protection), you could apply an risk based approach
    a) Medium risk = Normal webaps + officeaps = use AppGuard with a deny execution of the user space.
    b) High risk = Dodgy browsing use Chrome Sandboxed with SBIE = double sandbox :ouch:
    c) HIGH Risk install = Telll Appguard to only allow execution from Temp and the Install Directory. Because these directories are forced folders in Sandboxie, your are covered at new installs also.
     
  5. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    I just installed AppGuard and I am unable to get Sandboxie to build a Sandbox. I just get a Sandboxie error. I tried to figure out what to put in the allow list but nothing I tried worked.

    How do I get Sandboxie to work with AppGuard?

    Thanks in Advance.
     
  6. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    526
    Location:
    USA
    If I remember right, set Sandboxie's sandbox on a partition other than C:, if you have multiple partitions.

    In Sandboxie control go to Sandbox, then Set Container Folder, select partition.
     
  7. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    Thanks. That fixed the problem.
     
  8. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    526
    Location:
    USA
    You're welcome.
     
Loading...
Thread Status:
Not open for further replies.