Browsers + Sandboxie: process stacks for Firewall

Discussion in 'sandboxing & virtualization' started by learningcurve, Feb 13, 2013.

Thread Status:
Not open for further replies.
  1. learningcurve

    learningcurve Registered Member

    Joined:
    Apr 14, 2012
    Posts:
    47
    Location:
    usa
    Just enabled HIPS-like "process inspection" popups on Firewall. To get Firefox 18 --or IE 9 -- up and running I have to approve as an example:

    Firefox (listen on 127.0.0.1 49191)
    Explorer (listen on 127.0.0.1 49191)
    Userinit (listen on 127.0.0.1 49191)
    Sandboxie (start.exe listen on 127.0.0.1 49191)

    Upon approval FF establishes loopback on 49191 -49192. The other processes do not open any ports, but are allowed in the Firewall with 127.0.0.1 to 0.0.0.0 approval.

    Is this process stack normal? Am I opening my machine to exploits (Explorer, I am told should not need any net access on a secure machine, nor start.exe (Sandboxie). I am new to HIPS, just need a firm place to start.

    Thanks.
     
Loading...
Thread Status:
Not open for further replies.