How I make it so Trusteer Rapport with SAndboxie?

Now if I lunch my browser (no matter which) in sandboxie the trusteer rapport icon in the url bar does not show up but when I lunch the browser outside the sandbox it works just fine. (it shows up).

What should I include to make sure that trusteer works with sandboxie?

 

Well frankly that blows.

So I can have keylogger protection with trusteer or a session protection with Sandboxie but I can't have both.


That just totally blows.

 

Yeah it does. You'll have to find an alternative anti-logger. You can try keyscambler or somethink like zemena or spyshelter.

 

Yeah ZEMANA no go since I am at 64bit.
SpyShelter (have lifetime Lic) but no go since too many hooks allready done by OA HIPS.

Maybe I can try PREVEX SAFE ONLINE again but it will be too cluttered.


You might be wondering why I want a keyloger protection if I use OA, well mainly since if I accidentally allowed key logging then at least it won't log keys when visiting protected sites.

 

I might point out that it is an easy thing to disallow keyloggers to run within the sandbox by only allowing your browser to run within the sandbox. It presumes your system does not have a keylogger, and keeps any keylogger from being installed or running. Doesn't do much for other programs that are not sandboxed though.

Sul.

 

If your that concerned, then try keyscambler. It works very well with sandboxie. It will encrypt all your keystrokes until you delete your sandbox. I've used it before and I know that it works well.

 

I have a similar question about online banking.

Firefox is my browser of choice. I/Explorer has restricted ports & IP address to online banking site only via Look n stop FW. When accessing online banking I block firefox browser.

My available software choices to compliment the Look n Stop config are:
*Sandboxie *Spyshelter *Trusteer Rapport.

Q: So what is the best combination & configuration to use?

 

Whilst that is true, it is isnt such a disadvantage as it first appears because there are two separate use cases to consider.

For general web surfing, the concern should be to protect the system against infection, and to prevent unauthorised access to private data. For this purpose, Sandboxie is admirable.

For banking and online shopping, the concern should be to verify the authenticitiy of the website visited, and to guard against any malware that may already be installed and running on the system from being able to see what information is being entered into the browser. This is what Rapport is intended to do.

Because the two use cases involve completely different concerns, it doesn't matter that you can't use both applications at the same time. It's horses for courses.

 

Generally Rapport doesn,t work with sandboxes. Actually for online banking you don,t need to run ur browser in sandbox. Just make sure there is no active process in sandbox. Launch a clean browser instance out of sandbox and Rapport will protect it. Do online banking and that,s all.

Personally I will make sure that my system is clean. A live Ubuntu CD is a good option as well though not so feasible ofcourse.

 

Is there malware that can be on the web which can steal info typed into web pages (such as passwords or credit card info)? By that I don't mean malware already running on an infected system, I mean online malware such as compromised 3rd party ads, data stealing cookies, malware that is on a web page which can steal passwords, etc...

If so, how does a person protect themselves from that type of malware? It does not appear a program like sandboxie or an anti-keylogger could offer much help at all.

 

I don't know but even if there is you shouldn't normally be encountering that sort of thing accessing a trusted website unless the website itself had been hacked.

It's hard to say how much protection Rapport would provide in the event of a trusted website having been hacked. Like all security solutions, Rapport isn't perfect but it does add an additional security layer for trusted websites that need to be protected.

 

I can confirm that Keyscrambler runs fine with Sandboxie (i'm at 64 bit here either). For occasional banking, a Linux live CD is probably a safer option.

 

Are there any vulnerabilities when using keyscrambler with Chrome browser? I notice that I need the paid version to use with Chrome which is ok...does the paid version change to the freeware version after a trial period?

 

thanks for the info- I'll look into Rapport. But I think so far I like keyscrambler better.

 

I never heard about any particular vulnerabilities that will affect keyscrambler when used in conjunction with Chrome.

I think that the Pro version doesn't have a trial period, and the Personal version (free) will only work with IE, Firefox and Flock.

Why don't you take a look to Spyhelter?
http://www.spyshelter.com/
http://www.softpedia.com/get/Security/Security-Related/SpyShelter.shtml
(keep in mind that the free version of Spyshelter isn't compatible with Windows 7 x64, only the Premium version is compatible with both x32 and x64 Windows)

It offers more protection than Keyscrambler, is compatible with Sandboxie, is cheaper, and is a very regarded software around here.

From http://www.spyshelter.com/purchase.html
"Price for SpyShelter Premium single license is: 29.95 €
Now only 24.95 EUR.
Single purchase allows using SpyShelter for several years(no time limit), without yearly fees,
include FREE upgrade to all future versions.
Multi-user licenses are also available."


From https://secure.qfxsoftware.com/purchase.php
(licence for 1 user)
Keyscrambler Professional: $29.99

 

I appreciate the detailed response. I'll probably give the paid version of keyscrambler a try. I have Eset av version 5 with HIPS enabled so I'll try that a while and see if it has any shortcomings (forgets rules, etc). If it does I may give spyshelter a shot as I see it has a lot of nice reviews here on wilders.

 

I don't think we need TR as we've already got Sandboxie. Set up a separate sandbox for your browser, which should be the only program that can run and connect to the Internet. And you have noting to worry about.

 

I have some doubts about that.

To test i downloaded Spyshelter test (a keylogger simulator that can be found here: h**p://www.spyshelter.com/download/AntiTest.exe).

Next, i created a restricted sandbox where only IE can execute and access the internet.

Then i launched IE (sandboxed) and, after that, the keylogger simulator.
I typed some words in Google and they where captured by the keylogger.

Using Keyscrambler the keylogger still is able to function but only gets "scrambled" keystrokes.

This means that probably Sandboxie can protect against keyloggers, if they still are contained inside the restricted sandbox, but not if the computer is already infected, or the user downloads the keylogger to a un-sandboxed folder (a direct access folder), or recovers the the keylogger to the real system.

Considering this, Spyshelter or Keyscrambler provides a widest protection against keyloggers than Sandboxie alone (that is not specifically designed for that anyway). Using both would, Sandboxie+Spyshelter or Keyscrambler, would provide a better protection

 

Sorry but this is not correct.

If a machine is infected with a keylogger outside the sandbox, the sandbox does not stop it from logging the keystrokes.

I initiated a thread about this topic a couple of weeks ago. It makes very good reading for those interested.

 

Sorry, my fault. I didn't mention that on one condition: Users must make sure their systems are clean.

And you are right. Under the restricted sandbox, keyloggers you get from the web can not even run.

 

You are right, sandbox can not stop malware outside the box from running.

 

Talking about the KeyScrambler, it is an excellent program, and I know that SpyShelter is too just like in my second PC some people use, I can not have any pop-ups (I have other people who use my second PC just do not understand anything about security), and the KeyScrambler it is very good, has no pop-up or user interaction.

So I chose the KeySrambler Professional.

 

if you folks are going to assume there is a keylogger installed (as in some hypothetic scenarios above) you might as well assume there are also are screenlogger, clipboardlogger, mouselogger etc installed as well.

in which case Keyscrambler would be useless.
well, not completely useless because password fields are hidden by *, but you get the idea...