I am thinking of getting a sandbox app or intrusion detection app

Can anyone point me to any free ones?

 

Sandboxie, GeSWall, BufferZone Home

 

System Safety Monitor Free

 

GeSWall is an intrusion detection?

 

Whcih is eaier to use GeSWall or SSM? I would liekto know mroe opinions on sandbox applications and why you think one is better than another

 

BufferZone works great for me!

My system had serious problems running Internet Explorer inside Sandboxie,
(something broke through and turned AntiVirus off).

Eight Security Sandboxes Reviewed and Rated

Since September, have had excellent performance and protection from the BufferZone {free}
with absolutely no problems or complaints.

http://www.trustware.com/

 

No. It´s a "sandbox" with "application firewall" like features. You install it on top of a trusted system and it:
-isolates apps. such as browsers, mail clients, IM, media players, etc.
-virtualizes registry calls.
-tracks all objects created by isolated apps. without denying writing to disk.
-treats all objects created by isolated apps as untrusted.
-deny access to folders marked as "confidential".

GeSWall without any doubts. SSM and the likes(PG, AD, PS) needs lots of imput from you: parent/child relationship, hooking permissions, DLL loaded, registry calls, etc. GeSWall enforces mandatory access control policy. See more

 

O ok thanks

 

I am trialing BufferZone but the paid version.

Yesterday I did a scan with Spybot S&D I found a security center Anti-Virus override which would turn it off, which I deleted.

 

Re: BufferZone works great for me!

Please elaborate.

http://sandboxie.com/phpbb/

 

Re: BufferZone works great for me!

Quote:
Originally Posted by pilotart
My system had serious problems running Internet Explorer inside Sandboxie,
(something broke through and turned AntiVirus off).

Sure,

I had first used Sandboxie for the purpose of conducting 'shopping' sort of research on the 'net' with Firefox.
This had worked very well and never had any problems at all.

I have an old, free Email account with excite.com that will only open with Internet Explorer
set to the lowest possible security settings and so I wanted to do this within Sandboxie.

This was when I first encountered problems, after opening a few pages the first symptom was usually that the
Bluetooth IntelliMouse would stop working and would need to revert to the ALPS Touchpad to control the cursor
and buttons, this would soon progress (few more pages) to a total freeze of the system and a need to reboot.

Removing Sandboxie and installing the most current version of Sandboxie (2.60) showed absolutely
no improvement in these symptoms and they would occur within a few pages opened on every attempt to run a
Sandboxie'd IE6. this would be true on a dial-up modem, WiFi or LAN connection. (see Thread {Re: Sandboxie 2.60 issues}

The final straw came in late September when shortly after the loss of BT IntelliMouse (should mention that no other action
had ever killed my Mouse except using a Sandboxie'd Internet Explorer 6, set to low security),
I saw the AntiVir's Umbrella icon close (meaning active protection had been turned off, again never seen before)
verified by Task Manager's loss of avguard.exe and the internet connection was still active!

I immediately performed a 'hard shutdown' and rebooted with GoBack to a point in time prior to this
Sandboxie Internet Explorer incident.

Most other Reports and user's comments have glowed in their love of Sandboxie and with Firefox
it never showed any problems for me. May be like AntiVir Classic works best for my Systems
and is full of issues for some other users.

The Eight Security Sandboxes Review had also spoke well of Sandboxie (along with GreenBorder and BufferZone)
so I installed BufferZone's Free Internet Explorer Application and have used (version 1.9) since 27 Sept
with none of the issues that plagued my Sandboxie.

Although BufferZone was a much larger Program than Sandboxie, is very simple to use and is very well designed
to do an excellent job of protection without problems. have also found that you can also open any other application
(like Firefox) within BufferZone {FREE} from a Right-Click menu.
see...application-level virtualization software that protects Windows hosts from malware.
________________________________________

Have never seen that on S&D, but I have now set my Administrative Tools, Component Services to restart
AntiVir (Guard) service after: [0] minutes and reboot on third failure.

 

Yep,Sandboxie is one of the best at a very small download and install.

Some people do have issues but I haven't had any at all with no slowdowns either.

I have deliberately gone to compromising sites and downloaded all sorts of evil stuff and executed as such within the confines of the Sandbox and haven't had a single one escape to cause havoc.

Kav and SuperAS, used as on demand, never find a thing after emptying the sandbox.

Ideal first line of defence against any inet borne zero day attacks and malware.

Might add I do have ghost images and a clone on a slave just in case.

Quote from the Eset (Nod32 av) site, Dec 15th blog:

When I went to this specific web page it automatically launched a video! I’m sure glad I run Firefox and IE in SandBoxIE (www.sandboxie.com). If the video exploited a vulnerability I could have had become infected with all kinds of bad programs that could steal my passwords or other information on my computer.

Virtualization technologies, such as SandBoxIE are a great compliment to Anti-virus solutions. Neither stop everything, but virtualization can protect sensitive data, and if something bad was installed it will be gone when I empty the sandbox.

http://www.eset.com/threat-center/blog/index.php

 

When looking for freeware

For simple setup and more resource usage I would suggest

- CyberHAwk as some form of "intrusion detection" (manipulating processes, etc) and BufferZone free as 'sandbox'/HIPS

Lowest resource usage and more configuration effort
- SSM free/Prosecurity free as "Intrusion Protection"
- GesWall ans sandbox/HIPS

Regards

 

I have a mixed feelings towards Cyberhawk. It is now uninstalled from my system, but I leave a second chance to it. When it has I hope an option to switch it off etc. I felt my system was not as stable with it as it is now without it.

Sandboxie has worked well for me. I think it and CH don't really work so well together, so CH was one to go. It is still in the beta stages imo.