How I make it so Trusteer Rapport with SAndboxie?

Discussion in 'sandboxing & virtualization' started by GrammatonCleric, Aug 22, 2011.

Thread Status:
Not open for further replies.
  1. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372
    Now if I lunch my browser (no matter which) in sandboxie the trusteer rapport icon in the url bar does not show up but when I lunch the browser outside the sandbox it works just fine. (it shows up).

    What should I include to make sure that trusteer works with sandboxie?
     
  2. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    7,290
    Location:
    England
  3. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372
  4. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    Yeah it does. You'll have to find an alternative anti-logger. You can try keyscambler or somethink like zemena or spyshelter.
     
  5. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372
    Yeah ZEMANA no go since I am at 64bit.
    SpyShelter (have lifetime Lic) but no go since too many hooks allready done by OA HIPS.

    Maybe I can try PREVEX SAFE ONLINE again but it will be too cluttered.


    You might be wondering why I want a keyloger protection if I use OA, well mainly since if I accidentally allowed key logging then at least it won't log keys when visiting protected sites.
     
  6. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I might point out that it is an easy thing to disallow keyloggers to run within the sandbox by only allowing your browser to run within the sandbox. It presumes your system does not have a keylogger, and keeps any keylogger from being installed or running. Doesn't do much for other programs that are not sandboxed though.

    Sul.
     
  7. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    If your that concerned, then try keyscambler. It works very well with sandboxie. It will encrypt all your keystrokes until you delete your sandbox. I've used it before and I know that it works well.
     
  8. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    I have a similar question about online banking.

    Firefox is my browser of choice. I/Explorer has restricted ports & IP address to online banking site only via Look n stop FW. When accessing online banking I block firefox browser.

    My available software choices to compliment the Look n Stop config are:
    *Sandboxie *Spyshelter *Trusteer Rapport.

    Q: So what is the best combination & configuration to use?
     
  9. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    Whilst that is true, it is isnt such a disadvantage as it first appears because there are two separate use cases to consider.

    For general web surfing, the concern should be to protect the system against infection, and to prevent unauthorised access to private data. For this purpose, Sandboxie is admirable.

    For banking and online shopping, the concern should be to verify the authenticitiy of the website visited, and to guard against any malware that may already be installed and running on the system from being able to see what information is being entered into the browser. This is what Rapport is intended to do.

    Because the two use cases involve completely different concerns, it doesn't matter that you can't use both applications at the same time. It's horses for courses.
     
  10. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Generally Rapport doesn,t work with sandboxes. Actually for online banking you don,t need to run ur browser in sandbox. Just make sure there is no active process in sandbox. Launch a clean browser instance out of sandbox and Rapport will protect it. Do online banking and that,s all.

    Personally I will make sure that my system is clean. A live Ubuntu CD is a good option as well though not so feasible ofcourse.
     
  11. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    Is there malware that can be on the web which can steal info typed into web pages (such as passwords or credit card info)? By that I don't mean malware already running on an infected system, I mean online malware such as compromised 3rd party ads, data stealing cookies, malware that is on a web page which can steal passwords, etc...

    If so, how does a person protect themselves from that type of malware? It does not appear a program like sandboxie or an anti-keylogger could offer much help at all.
     
  12. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    I don't know but even if there is you shouldn't normally be encountering that sort of thing accessing a trusted website unless the website itself had been hacked.

    It's hard to say how much protection Rapport would provide in the event of a trusted website having been hacked. Like all security solutions, Rapport isn't perfect but it does add an additional security layer for trusted websites that need to be protected.
     
  13. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,280
    I can confirm that Keyscrambler runs fine with Sandboxie (i'm at 64 bit here either). For occasional banking, a Linux live CD is probably a safer option.
     
  14. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    Are there any vulnerabilities when using keyscrambler with Chrome browser? I notice that I need the paid version to use with Chrome which is ok...does the paid version change to the freeware version after a trial period?
     
    Last edited: Oct 22, 2011
  15. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    thanks for the info- I'll look into Rapport. But I think so far I like keyscrambler better.
     
  16. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,280
    I never heard about any particular vulnerabilities that will affect keyscrambler when used in conjunction with Chrome.

    I think that the Pro version doesn't have a trial period, and the Personal version (free) will only work with IE, Firefox and Flock.

    Why don't you take a look to Spyhelter?
    http://www.spyshelter.com/
    http://www.softpedia.com/get/Security/Security-Related/SpyShelter.shtml
    (keep in mind that the free version of Spyshelter isn't compatible with Windows 7 x64, only the Premium version is compatible with both x32 and x64 Windows)

    It offers more protection than Keyscrambler, is compatible with Sandboxie, is cheaper, and is a very regarded software around here.

    From http://www.spyshelter.com/purchase.html
    "Price for SpyShelter Premium single license is: 29.95 €
    Now only 24.95 EUR.
    Single purchase allows using SpyShelter for several years(no time limit), without yearly fees,
    include FREE upgrade to all future versions.
    Multi-user licenses are also available."


    From https://secure.qfxsoftware.com/purchase.php
    (licence for 1 user)
    Keyscrambler Professional: $29.99
     
    Last edited: Oct 22, 2011
  17. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    I appreciate the detailed response. I'll probably give the paid version of keyscrambler a try. I have Eset av version 5 with HIPS enabled so I'll try that a while and see if it has any shortcomings (forgets rules, etc). If it does I may give spyshelter a shot as I see it has a lot of nice reviews here on wilders.
     
  18. operamail

    operamail Registered Member

    Joined:
    Sep 14, 2011
    Posts:
    254
    I don't think we need TR as we've already got Sandboxie. Set up a separate sandbox for your browser, which should be the only program that can run and connect to the Internet. And you have noting to worry about.:p
     
  19. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,280
    I have some doubts about that.

    To test i downloaded Spyshelter test (a keylogger simulator that can be found here: h**p://www.spyshelter.com/download/AntiTest.exe).

    Next, i created a restricted sandbox where only IE can execute and access the internet.

    Then i launched IE (sandboxed) and, after that, the keylogger simulator.
    I typed some words in Google and they where captured by the keylogger.

    Using Keyscrambler the keylogger still is able to function but only gets "scrambled" keystrokes.

    This means that probably Sandboxie can protect against keyloggers, if they still are contained inside the restricted sandbox, but not if the computer is already infected, or the user downloads the keylogger to a un-sandboxed folder (a direct access folder), or recovers the the keylogger to the real system.

    Considering this, Spyshelter or Keyscrambler provides a widest protection against keyloggers than Sandboxie alone (that is not specifically designed for that anyway). Using both would, Sandboxie+Spyshelter or Keyscrambler, would provide a better protection:thumb:
     
  20. chinook9

    chinook9 Registered Member

    Joined:
    Jan 27, 2008
    Posts:
    439
    Sorry but this is not correct.

    If a machine is infected with a keylogger outside the sandbox, the sandbox does not stop it from logging the keystrokes.

    I initiated a thread about this topic a couple of weeks ago. It makes very good reading for those interested.
     
  21. operamail

    operamail Registered Member

    Joined:
    Sep 14, 2011
    Posts:
    254
    Sorry, my fault. I didn't mention that on one condition: Users must make sure their systems are clean.

    And you are right. Under the restricted sandbox, keyloggers you get from the web can not even run.
     
  22. operamail

    operamail Registered Member

    Joined:
    Sep 14, 2011
    Posts:
    254
    You are right, sandbox can not stop malware outside the box from running.:D
     
  23. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,115
    Talking about the KeyScrambler, it is an excellent program, and I know that SpyShelter is too just like in my second PC some people use, I can not have any pop-ups (I have other people who use my second PC just do not understand anything about security), and the KeyScrambler it is very good, has no pop-up or user interaction.

    So I chose the KeySrambler Professional. :thumb:
     
  24. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    if you folks are going to assume there is a keylogger installed (as in some hypothetic scenarios above) you might as well assume there are also are screenlogger, clipboardlogger, mouselogger etc installed as well.

    in which case Keyscrambler would be useless.
    well, not completely useless because password fields are hidden by *, but you get the idea...
     
Loading...
Thread Status:
Not open for further replies.