DefenseWall vs. GreenBorder vs. SandboxIE

Ah! Thank you snowbound , glad to hear that.

nicM

 

After uninstalling one of the best AV's in the world : "NOD32",
GreenBorder worked properly with a little bearable slowdown in each green bordered application.

I guess GreenBorder will now protect me against viruses in the same way as NOD32 did.

Firefox started with an "Alert" message and after clicking the OK-button, it opened normally.
The same for Thunderbird, but after each reboot, it asks to become the default email-program.

 

ErikAlbert

I wonder if this is because they have not figured out how to play with others at the kernel level?


controler

 

No, it won't. None of the sandbox/virtualization techniques use detection, so you should not replace AV. The browser is only one vector, you'll have to consider email clients, file sharing, and removable media.

 

Can't say anything about this. My knowledge is too poor, but I know one thing for sure, NOD32 was the cause why GreenBorder (GB) didn't work properly.

Now I have to choose between NOD32 with a very good reputation and a beginner like GB and
that choice is very easy : NOD32.
I think the programmers of GB have still alot of work to make it compatible with other popular softwares. This lack of compatibility will stop many people of using it.

I installed DefenseWall : no problems with NOD32, no alert with Firefox, no alert with Thunderbird. This software is at least mature and facts are facts.

 

Hi guys,

I'm interested in the slowdown issues. Since this is a bit off-topic, here's a separate thread https://www.wilderssecurity.com/showthread.php?t=137913 to keep this one clean.

Bill

 

As far as sanboxing is concerned, in my experience Sandboxie, GesWall and DefenceWall seem to be much better abd mature than greenborder. However I can,t say anything about the privacy zone.

 

I think that GreenBorder is developed for Windows + MS Applications only and that each Third Party Application can be a risk and if it works, you are just lucky.

 

Then y to use it when there are much better alternatives, even free.
BTW, it is not their statement.

 

That's probably the reason why GreenBorder is freeware at this moment : to find out what GreenBorder is missing in other environments. The more downloads, the more testings and bug reports.

 

Erik is right. Although we've run the software in enterprise environments for a couple of years, a computer on a corporate network is tightly controlled environment. Once we verify that our (more complex) enterprise version runs on a standard image, we know it'll work on a few hundred similar images.

On the other hand, the consumer PC is a much larger challenge. There's no predicting the combination of applications, versions, upgrades, patches and the load order. Firewalls or security suites which already have network filters tend to be a challenge. To increase compatibility, one of the protections we've made adjustable is the our network filter (See the picture below). Malware in a networked sandbox environment can still connect to your local network services (NetBIOS, RPC (e.g.; computer management), MSDE/SQL, ICMP, Remote Desktop, Google Desktop). To me it's a big no-no to be able to start netcat in a virtual environment and 'own' the computer through the network services. Worst case, you may authenticate as yourself, and have full access to \\localhost\c$.

Although I can't speak for the other vendors, I have no doubt they have the same challenge with the variety of potentially loaded software.

http://www.greenborder.com/images/network_filter.jpg

 

The NOD32 and the HTA association issues have been fixed in the latest release of GreenBorder.


-Siggi Petursson
Sr. Manager, QA & Support
GreenBorder