how to set up sandboxie??

I am new to sandboxie, but i understand how it works. Can anyone submit some ideas to my, how to improve security of sandboxie? ie. restrictions.

Im using read only restricted access to directories like Program Files and Windows, but i would appreciate help with restrictions on registry

 

Basically the way I set up sandboxie was to remove rights wherever possible until the program could no longer function. That's when I know it's as locked down as possible. Does the program need admin access? If not, remove its ability to elevate entirely. Does it need write access to an area? Only give it read access... or none at all.

 

@Hefaistos22:

You will already find here some threads dealing with the question how to set up Sandboxie. I think the most detailed thread is this one:

https://www.wilderssecurity.com/showthread.php?t=240008
("Sandboxie Configuration Recommendations")

Maybe there you will find something about restrictions on registry too. (Personally I did not make such restrictions.)

 

There are many ways, and as Peter pointed out, that thread is chock full of ideas.

I would say that many who use SBIE beyond the basic needs do something like this:

force program (like a browser)
restrict what runs (only the browser.exe and a few choise tools, maybe .pdf viewer, etc)
disallow what has network access (only allow browser.exe network)
possibly make exceptions to:
A. open direct access to things in sandbox save to real location (like bookmarks)
B. restrict access of sandbox to real system (restrict directories/files/reg keys)

This isn't too hard really, and offers a good degree of protection for a system that is starting clean. It prevents lots of exploits within the sandbox.

Those are overall ideas mind you, not really specific in nature.

Sul.

 

On all my sandboxes I allow programs to start/run and have internet access based on whats necessary for the purpose of each sandbox that I create. Do this without losing usability and you ll have a perfectly balanced sandbox. I allow as little as possible on each sandbox but always allow what is needed in order for me to feel comfortable. Try to achieve a nice balance and you will like SBIE.

Bo

 

I'm new to SBiE too. I learned this today.

Create a Tester Sandbox specifically for opening suspect files programs and such. Then open its Sandbox settings > appearance > show sandbox name in window title > tick O.K. > Restrictions > internet > block Firefox & explorer ( or whatever browsers you use).

To open the suspect file > SBiE control > select the Tester sandbox > Run any program

Create this Tester Sandbox now. Do not find out the hard way like I did that the sandbox must be pre-built with internet access denied if you dont want the trojan phoning home.

 

Im not that new to sandboxie i understand basic concept of it, so restricting which programs are allowed to run,or access internet is easy,but i dont know which registry restrictions should i put on them,or file restrictions :/ but i will read some recommended threads by you guys, thanks!!

 

Using free version.

How to exclude Firefox Scrapbook plus addons in Sandboxie so that newly captured pages won't be included in the deletion of contents? tnx...

 

In Sandbox > Settings > Delete > Delete command....

I am offered a choice of selecting how to erase /delete the sandbox contents. What is Eraser1 etc? Where do I find the .exe? How can I invoke a serious cleaning method like Guthmann or some other serious scrubber? I have CyberScrub. A qulity eraser program. Can I link to it?