Discussion in 'sandboxing & virtualization' started by cheater87, Mar 27, 2017.
Lets say I have uses for both programs, would there be any conflict?
no, if properly setup ; benefices: none
Thanks, I'll just stick with Comodo then.
Proper is "benefices: none"? Or something else?
Do I need to remove my existing anti-virus too if I download CIS Complete - Installation?
no conflicts if both are setup properly, but then i don't see any major benefits to having both at same time.
If you use CIS yes , if only CFW , no.
What is the way of setting it up properly?
Complicated, since i don't use Comodo anymore , i don't recall all details, but the gain was worthless the effort. choose one , ditch the other.
If I just want the sandbox which should I click?
CIS Premium - Installation
CIS Pro - Installation
Both have, premium is free version, pro is paid one. CIS is full suite (its is Comodo FW + AV), there is no standalone version of the sandbox.
Here are things you can try.
Getting Sandboxie and Comodo to work together doesn't seem complicated. Try Johnny's solution first. And browse the thread where those links came from, other Comodo users have posted there. Personally, if I was to use Comodo along Sandboxie, I would disable the Comodo sandbox. If you have a SBIE license, I recommend you do that. Otherwise, leave it on.
To have full compatibility between Comodo and sandboxie without disabling any comodo's feature:
- Add sandboxie's whole folder as trusted in File List
- After depending the browser, add its exe in Shellcode Injection exceptions.
(it is what i did at that time, it worked fine; i didn't test with latest versions)
Using it on Windows 10 32 bit tablet and Windows 10 64 bit laptop, no issues and no special settings needed. Only dont sandbox any process by both sandboxes simultaneously( Comodo sandbox and SBIE). I have even MBAE running too on both systems.
Only you get few pop up alerts when you delete sandbox contents of SBIE( these alerts are related to fileless malware mitigations included recently in comodo defence plus). I do manual deletion rather than automatic so it is not a big issue.
i dont see any benefit using comodo - what makes it superior to sandboxie?
In term of sandboxing, they are more or less equal.
In overall protection Comodo's HIPS make the difference and Comodo AV scan files inside the sandbox.
Sometimes I just install SBIE and Comodo without any mutual adjusting. There were no problems yet. The benefit is that if HIPS is on then it watches what's going on in SBIE. AFAIK Comodo's HIPS doesn't monitor Comodo's sandbox. IDK why they did it, at least they could give ability for the user to choose it.
The AV does; the HIPS doesn't.
Thank you, I've corrected my previous post about AV. ... and I still regret that Comodo's HIPS doesn't monitor its sandbox.
HIPS is futile, scanning in the box is a regular feature of scanning features of any AV. at least no benefits of comodo i think.
Good HIPS can be whatever but not futile. HIPS can be dangerous in weak hands, annoying, or smart and silent but never futile.
HIPS can be excessive - and this is the best scenario for any security staff.
LOL I wrote the HIPS poem.
The difference between SBIE and Comodo is easy- Comodo is automatic, SBIE is on demand only.
This difference is critical! I can give an example of something that occurred to me- I was otherwise occupied and actually executed malware I coded on my production system (thinking I was already in the VM). With SBIE I would have been lost; Comodo told me I was an idiot by sandboxing and protecting without any input by me needed.
Just remember if you use SBIE alone that you MUST make the change to Block all programs in the sandbox from accessing the Internet. Otherwise stiff like info stealers, keyloggers, etc can steal your info. Without making this change YOU ARE MINE!!!!!
ps- to answer the initial question, although you can run both together it would be pointless to do so.
SBIE can be just as automatic, for most uses. If any one sits down at my machines, and runs a browser it is automatically sandboxed, and the sandbox only allows certain apps to run and certain apps to access the internet. If I was doing what you do with the coding, I'd keep that in one folder, and sandbox that folder. I'd bet Bo.elam could set up SBIE so what happened to you would have been protected by SBIE
Free version is OD; paid version can be set as automatic via "Forced Folder" or "Forced Programs" feature.
I remember you stating that elsewhere, but could not find it to post here - perhaps it was not on Wilders.
I have CFW with 'your settings' on my old HP netbook, along with Qihoo 360 TS.
Other than the browser if that is being sandboxed, I presume. On machines where I do use Sandboxie, it is just for my browser (Firefox), forced.
Peter- totally understand. But malware can get on to the system from places other than web browsing. As in my example, without jumping through any hoops CF would have protected me from my stupidity whereas SBIE would not.
This is mean not as slight at all against SBIE (which i consider excellent!), but more of a slight against myself.
As you been told, Sandboxies FREE version is on demand only. The paid version is automatic. Thats what you pay for. With the paid version you can set it up so basically all files and programs that run in your computer, run sandboxed on execution. In my personal case use, if something runs unsandboxed in my PC, I feel like I made a mistake. Most of my downloads go into one particular Downloads folder which is a Forced folder (files, executables, installers, etc, run sandboxed automatically when executed out of a Forced folder), but for extra security, with files I am not sure what they are but that I downloaded, I open a sandboxed version of Windows explorer, navigate to the file and run the file.
Since I don't toy with malware, I wouldn't make that kind of mistake. But if I wanted to use Sandboxie for testing, then I would do it using a sandboxed Windows explorer. Your piece of malware would be isolated when it runs by choice or by mistake.
About Blocking all programs from accessing the internet, thats a good setting to use whenever access to the internet is not required by the sandboxed program. In the case of using ths sandboxed Windows explorer to play with your malware, sandboxed Windows explorer should be set up to run in a sandbox where all programs are allowed to run and all programs blocked from accessing the internet. That way nothing can be stolen by the malware that runs as it can not phone home.
In the case of PDF, video players, Office programs, this kind of programs should be setup in separate, their own dedicated sandboxes where only the dedicated program is allowed to run and all programs are blocked from accessing the internet.
In the case of the browser, you allow to run the browser and the few exes that usually run when you use the browser and nothing else. You do the same for the programs that are allowed access to the internet. And never mix regular browsing with sensitive browsing.
This are some of the simple things you do to keep your sensitive information yours, even when using Sandboxie on its own as I do. By the way, one reason I use SBIE on its own is because I am safer/I feel safer for doing so.
In all sandboxes, access to personal sensitive files and folders by sandboxed programs can be blocked. This on top of what else I wrote above keeps your information yours. I have details of what else I do with SBIE or how I use SBIE to protect my personal information but I leave that out of here as it has to do with my personal case use of SBIE.
Separate names with a comma.