Is Sandboxie/NIS 2011/NoScript enough?

Discussion in 'sandboxing & virtualization' started by exus69, Jul 29, 2011.

Thread Status:
Not open for further replies.
  1. exus69

    exus69 Registered Member

    Joined:
    Mar 15, 2009
    Posts:
    160
    Hi everyone,

    Am using a fully patched Win XP SP3 machine(logged in as Admin) with Sandboxie, NIS 2011 and NoScript for my defenses. Do you think this is enough? or do you recommend LUA+SRP to be added to the above??

    I want to make my comp "as secure as possible". As far as Sandboxie is concerned am opening each and every file on my system as Sandboxed.

    Do you still think I should opt for LUA+SRP. I know the advantages of LUA+SRP but I truly believe in optimum security with optimum user convenience
    and going by the threads on LUA+SRP, I think it'll be a hassle.

    What say?
     
    Last edited: Jul 29, 2011
  2. chris1341

    chris1341 Guest

    Ah, yet again, the eternal Wilders quest!

    Enough is subjective. As you will see from the ever changing set-ups and myriad of choices and combinations people on this forum and others use the quest for enough can become a never ending one.

    I would suggest what you have is sufficient but what is enough depends on you. Your usage profile, your level of expertise and a number of other factors only you will know will influence that.

    I choose to run as admin and use Sandboxie with start/run and internet restrictions, no quick recovery and a few direct access file paths on all my browsers, p2p clients, mail clients, office apps, readers and media players while forcing USB drives and some key folders to run sandoxed. Those folders that I give direct access to are themselves forced to sandbox and subject to a 'deny' srp.

    I have to let stuff out of the sandboxes occassionally of course and that is where the risk lies for me. I feel equipped with common sense, online scanners and virtual machines to mitigate that risk. Many consider that inconvienient. What mitigates risk or is convienient for you will be different though.

    You may feel the urge to pile on more or change the layers, you may even be advised to by others here but you have Sandboxie to virtualise and limit the applications likely to faciltate a threat and NIS to blacklist either by signature or reputation along with no-script to cut down the attack suface of your browser. For me that is too much for most though I would think it is 'enough'.

    Cheers
     
  3. NoobStick

    NoobStick Guest

    Joined:
    Jun 23, 2011
    Posts:
    0
    Hey exus69
    I think, as already said by chris1341, that you have 'enough. And in my opinion the only thing, if you do not have it already, you can supplement the setup with is a good drive image software, it can save you day if the unlikely should happen ;) . And if I'm not mistaken there's a lot of threads on that subject too.

    Have a nice day

    NoobStick
     
  4. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,115
    You already have more than you need!

    Its configuration is similar to mine, has an adblock, an antivirus and a sandbox that you do not need anything else.

    I just can not live with NoScript, I have used it for some time but after adding the Sandboxie believe it is unnecessary, since everything is placed inside the box.

    The anti-virus, if I just use the NIS to "close" anything that comes out of Sandboxie.

    Remember to have an imaging software, this may be the most important factor, as well as common sense.
     
  5. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,363
    Location:
    Sweden
    Sandboxie properly configured for critical applications/NIS 2011/Noscript = you're safe as can be.
     
  6. ziaul

    ziaul Registered Member

    Joined:
    Aug 14, 2007
    Posts:
    239
    Hi Exus69,
    Even I have the same config on my laptop. Only difference is my OS is Win 7 Ultimate 64 bit. Also I do most of my work from a limited account. I usually log in to my admin account, when I have to update any software, which can be updated only from an admin account.

    You should also consider using Adblock Plus, very useful addon. And as Noob said you need a good imaging software, just in case if there is a problem. Apart from that, you are pretty much covered.

    Thanks,
    Ziaul
     
  7. exus69

    exus69 Registered Member

    Joined:
    Mar 15, 2009
    Posts:
    160
    Thx everyone for their replies. This forum is "really active and lively" unlike other forums :) Wish I visited frequently....

    Well I forgot to mention yes I use Acronis True Image Home 2011 to keep an image of my C: Ok here's a new question regarding Acronis. I've kept my C: image in a password protected Acronis Secure Zone in the same HDD. My question is how secure is Acronis Secure Zone from nasty malwares that can reformat the whole drive??

    Will the password protected Acronis Secure Zone help me protect my C: image from such malwares??

    What say?
     
    Last edited: Jul 29, 2011
  8. ziaul

    ziaul Registered Member

    Joined:
    Aug 14, 2007
    Posts:
    239
    Hi,
    You need to ask this question in the backup and imaging forum, they might be able to answer your question in a much better manner.

    In my opinion you should always keep all your images in an external hdd, instead of keeping it in the same hdd. But that's what I usually do, in case my hdd fails, from where am I going to recover the image.

    Thanks,
    Ziaul
     
Loading...
Thread Status:
Not open for further replies.