Browsers + Sandboxie: process stacks for Firewall

Discussion in 'sandboxing & virtualization' started by learningcurve, Feb 13, 2013.

Thread Status:
Not open for further replies.
  1. learningcurve

    learningcurve Registered Member

    Joined:
    Apr 14, 2012
    Posts:
    47
    Location:
    usa
    Just enabled HIPS-like "process inspection" popups on Firewall. To get Firefox 18 --or IE 9 -- up and running I have to approve as an example:

    Firefox (listen on 127.0.0.1 49191)
    Explorer (listen on 127.0.0.1 49191)
    Userinit (listen on 127.0.0.1 49191)
    Sandboxie (start.exe listen on 127.0.0.1 49191)

    Upon approval FF establishes loopback on 49191 -49192. The other processes do not open any ports, but are allowed in the Firewall with 127.0.0.1 to 0.0.0.0 approval.

    Is this process stack normal? Am I opening my machine to exploits (Explorer, I am told should not need any net access on a secure machine, nor start.exe (Sandboxie). I am new to HIPS, just need a firm place to start.

    Thanks.
     
    learningcurve, Feb 13, 2013
    #1
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...