Here is some INFO on PowerShadows Outbound connecting

Discussion in 'sandboxing & virtualization' started by yankinNcrankin, Mar 5, 2007.

Thread Status:
Not open for further replies.
  1. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    I ran several tests regarding the outbound and inbound connections that PowerShadow makes when you start the program, and here is the result, which happens to be the same every time I launched the program. I even checked it with HEX and found nothing unusual. If anyone finds something weird about my attachment please reply, I may have missed something. I'll be more specific about this test: I have 2 computers. One with PowerShadow running and the other I used to packet sniff my network. Running PowerShadow for several sessions, each lasting about 30 min, resulted in the same packets, which you can view.
     

    Attached Files:

    Last edited: Mar 7, 2007
  2. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Can't help with those outbounds but on my setup Powershadow's shadowtip.exe attempts a connection several minutes after executing the program and not at program startup.

    Blocked with the new version of PCtools FW with no adverse effects.

    Might add that sometimes ShadowSetting tries an outbound as well.
    Shadow setting.jpg
     
    Last edited: Mar 6, 2007
  3. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    The point of this was to show users of this program that I personally didn't find anything of concern about the outbound connecting of this program. Packets remained the same all the time and the information sent and received was the same. Very similar to when you use explorer to search drive(s) and are currently connected to the internet, it will also outbound connect for a split second sending similar information out to a specific address. :)
     
    Last edited: Mar 7, 2007
  4. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    I agree, not concerned about those outbounds at all.

    Even if they were suspect, PowerShadow is such a great app that I would stick with it. Too easy to block with your FW anyways.

    Actually more concerned about MS apps phoning home, which are blocked as well. ;)
     
  5. EASTER.2010

    EASTER.2010 Guest

    Power Shadow Rocks!!!!
     
  6. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Thanks yankinNcrankin for the info. I think I can sleep very well tonight, as I only use Windows firewall, so no outbound control. As for PS, it is definitely one to keep. Love it and have been playing with it for a while now. What a great find. I like it. Have you guys tested it on Limited User a/c yet?
     
  7. EASTER.2010

    EASTER.2010 Guest

    FWIW I never reduce my config to run on limited user, Admin all the way and safe as steel.
     
  8. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Easter 2010, I only use Admin for Windows Update and software installation, the rest I tend to do them in my Limited User a/c. Been doing that since I found out it is "safer" to surf the net this way. But I guess if PS is on all the time that should be more than sufficient. I think I installed the copy with ADS .... damn! ;-(
     
  9. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    My slipstreamed XP pro part SP 2 install disc is as far as I will go and I won't use any MS updates in future, of which 50 odd meg are available.

    If updating XP any further through MS updates it actually slows down.

    And have had to ghost back to before MS's crappy updates to get my snappiness back.

    Prefer my own security fixes and setup.

    Running as limited user in shadowmode is like me running Sandboxie in shadowmode.

    No need but some habits are hard to break, eh.

    Still much safer than running any of those "oh so great" realtime blacklist scanners!
     
  10. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    YankinNcrankin,

    One question - which version is that with the INFO on PS outbound connecting?
    Is that the one downloaded from PS Chinese website version 2.6 + with ADS?
    Is that the one downloaded from Tucows website version 2.6 without ADS?
    Or simply version 2.82 from the PS Chinese website converted to English?

    Franklin,

    Yes, imagine if I log into my Limited User a/c, run Sandboxie and all in PS ... LOL! That will be interesting.
    Yes, old habits die hard. My Limited User a/c is nicely set up and I don't want to redo them in Admin ... like nice Firefox extensions ... moving pics around, documents ... etc. ...

    cheers,

    Chew
     
    Last edited: Mar 13, 2007