how to set up sandboxie??

Discussion in 'sandboxing & virtualization' started by Hefaistos22, Oct 18, 2011.

Thread Status:
Not open for further replies.
  1. Hefaistos22

    Hefaistos22 Registered Member

    Joined:
    Mar 14, 2008
    Posts:
    73
    Location:
    Slovakia
    I am new to Sandboxie, but I understand how it works. Can anyone submit some ideas to me on how to improve the security of Sandboxie? I.e. restrictions.

    I'm using read-only restricted access to directories like Program Files and Windows, but I would appreciate help with restrictions on the registry :)
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Basically the way I set up sandboxie was to remove rights wherever possible until the program could no longer function. That's when I know it's as locked down as possible. Does the program need admin access? If not, remove its ability to elevate entirely. Does it need write access to an area? Only give it read access... or none at all.
     
  3. Peter 123

    Peter 123 Registered Member

    Joined:
    Feb 1, 2009
    Posts:
    177
    @Hefaistos22:

    You will already find here some threads dealing with the question of how to set up Sandboxie. I think the most detailed thread is this one:

    https://www.wilderssecurity.com/showthread.php?t=240008
    ("Sandboxie Configuration Recommendations")

    Maybe there you will find something about restrictions on registry too. (Personally I did not make such restrictions.)
     
  4. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    There are many ways, and as Peter pointed out, that thread is chock full of ideas.

    I would say that many who use SBIE beyond the basic needs do something like this:

    force program (like a browser)
    restrict what runs (only the browser.exe and a few choice tools, maybe .pdf viewer, etc)
    disallow what has network access (only allow browser.exe network)
    possibly make exceptions to:
    A. open direct access to things in sandbox save to real location (like bookmarks)
    B. restrict access of sandbox to real system (restrict directories/files/reg keys)

    This isn't too hard really, and offers a good degree of protection for a system that is starting clean. It prevents lots of exploits within the sandbox.

    Those are overall ideas mind you, not really specific in nature.

    Sul.
     
  5. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,768
    Location:
    Nicaragua
    On all my sandboxes I allow programs to start/run and have internet access based on what's necessary for the purpose of each sandbox that I create. Do this without losing usability and you'll have a perfectly balanced sandbox. I allow as little as possible on each sandbox but always allow what is needed in order for me to feel comfortable. Try to achieve a nice balance and you will like SBIE.

    Bo
     
  6. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    7,280
    Location:
    England
  7. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    I'm new to SBiE too. I learned this today.

    Create a Tester Sandbox specifically for opening suspect files, programs and such. Then open its Sandbox settings > appearance > show sandbox name in window title > tick O.K. > Restrictions > internet > block Firefox & explorer (or whatever browsers you use).

    To open the suspect file > SBiE control > select the Tester sandbox > Run any program

    Create this Tester Sandbox now. Do not find out the hard way like I did that the sandbox must be pre-built with internet access denied if you don't want the trojan phoning home.
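
Added example, not written by any poster in this thread and not Sandboxie's own tooling: a Python check that reads Sandboxie.ini text and reports which of the restrictions suggested in the posts above (dropped admin rights, start/run and internet restrictions, file and registry restrictions) each sandbox lacks. The sample configuration is constructed; its box names, program names, paths and the registry key are assumptions.

```python
from collections import defaultdict
# Constructed sample Sandboxie.ini text (not from the thread). Box names,
# programs, paths and the registry key are assumptions for illustration.
SAMPLE_INI = r"""
[Browser]
DropAdminRights=y
ForceProcess=firefox.exe
ProcessGroup=<StartRunAccess>,firefox.exe,plugin-container.exe
ClosedIpcPath=!<StartRunAccess>,*
ProcessGroup=<InternetAccess>,firefox.exe
ClosedFilePath=!<InternetAccess>,InternetAccessDevices
ReadFilePath=C:\Program Files\
ReadFilePath=C:\Windows\
ReadKeyPath=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
[Tester]
ClosedFilePath=InternetAccessDevices
"""

def parse_boxes(text):
    """Return {section: {setting: [values]}}; settings repeat, so keep lists."""
    boxes, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = boxes.setdefault(line[1:-1], defaultdict(list))
        elif current is not None and "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            current[key.strip()].append(value.strip())
    return boxes

def audit_box(s):
    """Name the restrictions from the thread that one sandbox section lacks."""
    closed = s.get("ClosedFilePath", [])
    net = [v for v in closed if v.endswith("InternetAccessDevices")]
    checks = {
        "drop admin rights": "y" in s.get("DropAdminRights", []),
        "start/run restriction": any(v.endswith(",*") for v in s.get("ClosedIpcPath", [])),
        "internet restriction": bool(net),
        "file restriction": bool(s.get("ReadFilePath")) or len(closed) > len(net),
        "registry restriction": bool(s.get("ReadKeyPath") or s.get("ClosedKeyPath")),
    }
    return [name for name, ok in checks.items() if not ok]

def audit(text):
    return {name: audit_box(s) for name, s in parse_boxes(text).items()
            if name != "GlobalSettings" and not name.startswith("UserSettings")}

if __name__ == "__main__":
    for box, missing in audit(SAMPLE_INI).items():
        print(box, "->", ", ".join(missing) or "all five restrictions present")
```

To audit a real configuration, pass the file's text to `audit`; Sandboxie normally saves Sandboxie.ini as Unicode (UTF-16), so open it with that encoding.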
     
  8. Hefaistos22

    Hefaistos22 Registered Member

    Joined:
    Mar 14, 2008
    Posts:
    73
    Location:
    Slovakia
    I'm not that new to Sandboxie ;) I understand the basic concept of it, so restricting which programs are allowed to run, or access the internet, is easy, but I don't know which registry restrictions I should put on them, or file restrictions :/ but I will read some threads recommended by you guys, thanks!! :p
     
  9. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    Using free version.

    How to exclude Firefox Scrapbook plus addons in Sandboxie so that newly captured pages won't be included in the deletion of contents? tnx...:cool:
     
  10. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    In Sandbox > Settings > Delete > Delete command....

    I am offered a choice of selecting how to erase/delete the sandbox contents. What is Eraser1 etc? Where do I find the .exe? How can I invoke a serious cleaning method like Gutmann or some other serious scrubber? I have CyberScrub. A quality eraser program. Can I link to it?
     