Is SBIE the ONLY viable standalone sandbox currently ??

Discussion in 'sandboxing & virtualization' started by smallhagrid, Feb 13, 2013.

Thread Status:
Not open for further replies.
  1. smallhagrid

    smallhagrid Registered Member

    Joined:
    Feb 14, 2011
    Posts:
    64
    Location:
    Vermont, America
    As the title asks=> Is SBIE the ONLY standalone sandbox currently ??

    My query:
    Do any real alternatives even exist - and if so, do they work well, or o_O

    I have searched and the best list was via http://alternativeto.net/software/sandboxie/ , and I see these as the most promising:

    Hopedot VOS
    http://www.hopedot.com/products/vos-standard-edition.html

    Commercial, and looks alot like a couple of others I've tried before...

    GesWall
    http://www.gentlesecurity.com/geswall.html

    I looked through their site and cannot find info about this...
    GeSWall has a sandbox feature but is also a HIPS; I would use JUST the sandbox feature if possible because I use Online Armor as my HIPS.
    I could find neither mention nor clear instructions about this idea there.

    Others which may work (but that I will not use or try again) are:
    iCore Virtual Accounts
    BitBox
    BufferZone Pro

    Then there are listings which are too absurd or unrelated to bother with.

    Please educate me on this...anyone ?!?

    Thanks.
     
    Last edited: Feb 13, 2013
  2. Feandur

    Feandur Registered Member

    Joined:
    Jun 15, 2005
    Posts:
    401
    Location:
    Australia
    Defence Wall :thumb: https://www.wilderssecurity.com/showpost.php?p=2186024&postcount=8

    That being said, it is a combo of HIPS, Sandbox, Software Policy, etc.


    I only know of Sandboxie as a standalone.......but......


    ## You consider Virtualisation as a form of Sandbox....such as VMWare or andLinux for day to day use [as a sort of Sandbox].

    (1) andLinux allows you to install Linux inside windows.
    (2) VMware Player allows you to "play" a virtualisation of your System made using VMware vConverter.

    See here http://www.andlinux.org/;
    and here https://www.vmware.com/support/converter/doc/conv_sa_501_rel_notes.html; and here http://www.vmware.com/support/player50/doc/player-50-release-notes.html

    The catch is only x32bit is supported by andLinux; and only more modern processors with at least 4G of System RAM are best for VMware. Also no personal experience using either just yet.

    ## Another, more complex way, is to use System hardening / Policy Restriction that limit what software is allowed to do [sort of like a sandbox]. Refer posts by Kees1958.

    -cheers,
    feandur
     
  3. smallhagrid

    smallhagrid Registered Member

    Joined:
    Feb 14, 2011
    Posts:
    64
    Location:
    Vermont, America
    Thanks, and more info about what I'm trying to do...

    Thanks Feandur.
    I will look again at Defencewall.
    I currently use Online Armor which is one reason I asked about standalone sandboxing...and I don't know if it can be OK alongside OA.

    There are others as I mentioned in the OP:
    I am no stranger to virtualisation - I use VMPlayer in my Linux PC to run XP there and it is very good indeed.
    (Running Linux inside windows is not what I'm seeking, thanks.)
    Having made a P2V, ready-to-use copy of my system I could also use it that way inside XP, and I may yet do that...I only use xp (32bit) wih 4GB of RAM.

    OK, I think I need to clarify a little bit about what I seek:
    There are a couple of things which have eluded me using SBIE, and I did post some time back at it's forum, and got no useful response there.

    1st:
    SBIE seems to insist upon making files appear in the C: drive no matter if it's the portable version and/or installed in a totally different partition.
    I avoid winrot by keeping XP really, really clean and hence avoid installing stuff and keep junk files cleaned out very carefully=> so having to chase it's junk despite my efforts really bugs me !!

    2nd:
    I do like to try out what strikes me as useful in freeware programs when I hear of any. A good example was some programs from Deskshare (whose site hasn't been updated in years, but was unknown to me).
    Many freeware programs come with what I'd call additional 'payloads' like krapware from ask.com and other junk toolbar stuff.

    Usually I just pry their installers open and see if they'll tolerate running standalone fashion - which many will do very nicely; BUT=> some are either impossible to open, too complex, or just intransigent - but still wanted.

    I've tried the free portable-izers like Cameyo to get around such problems, and had very poor results from them, so my idea was to install in a sandbox, scrape out what was needed, and do it by hand if possible...

    SBIE makes this near impossible from what I can tell, and add-ons exist but are nearly as convoluted to use as they are not intended for this, really.

    I even tried Total Uninstaller for it's ability to package up installations and it was a horrible mess all around - never again for that one !!

    I've looked around for info about how to 'capture' and reuse stuff via SBIE and have been very sad to find almost nothing about this subject.

    There's a bazillion videos about how to get, install and use it for basic things, but if searching 'sandboxie registry' it is mostly results about illegal krap and nothing useful for what I seek to learn.

    I hope this makes my quest a bit clearer ?!?
    (Sorry about the length of my reply !!)

    Thanks.
     
  4. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    If you have 64bit OS don't bother looking at Defensewall as there is no 64bit.:( Sandboxie IMO is the best at what it does.It's one of a kind as for right now.
     
  5. smallhagrid

    smallhagrid Registered Member

    Joined:
    Feb 14, 2011
    Posts:
    64
    Location:
    Vermont, America
    Please refer to the 2nd post I made in this thread...!

    Ummm, thanks but:argh: :
    Directly above^ I said in that long post:
    And yes, I know SBIE is very good; I also explained specifically what I am seeking to do and why already.
     
  6. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Re: Thanks, and more info about what I'm trying to do...

    I share your sentiments about cleanliness and performance.

    I admit I am a Sandboxie fanboy. It is one of those rare applications that does one thing, and does it almost perfectly. Nicely priced with outstanding development and responsiveness.

    Regarding how it makes files though, I wonder if you have thought it through completely? Meaning, on a normal install, it creates a directory (c:\sandbox). Within this directory there also lives a directory for each sandbox, and of course subdirectories of virtualized objects/containers. While I admit that it can create a LOT of stuff in there as you use it and it virtualizes things, my experience has been that it never writes outside of the c:\sandbox directory unless you make exclusions for it to do so.

    If you want to delete the contents of the sandbox then, it is easy, and it deletes most everything within the respective directory. Thats the extent really of keeping things clean, as for me Sandboxie doesn't write willy-nilly everywhere at all, only to its home directory and sub-directories.

    Does that not fit your criteria of keeping winrot to a minimum? Since it doesn't write but to one place (without exclusions) and it is super easy to delete what it has written to its one place, for me it qualifies as well behaved in that realm of things.

    Just my opinion of course ;)

    And as for your question, I don't think you will find anything like it at all. I have looked a few times, especially before I purchased the full edition. It is simply a very unique application without peer IMO.

    Sul.
     
  7. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Also, regarding capturing stuff from Sandboxie, I do that all the time. Its really easy. Since Sandboxie creates a virtualized environment, you only have to navigate to the c:\sandbox\<box name>\drive\program files directory to retrieve things.

    This assumes the scenario that you install an application, and want to "extract" it to see if it runs stand-alone without an install - that type of thing. That is one of my main uses of Sandboxie!

    Sul.
     
  8. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    On another side note, I used to be into making my own installers by making an image, installing an app and then using InstallRite to get the data out. I wrote a program that parsed the registry and created an .inf file. It would cab up the application files, wherever they might be, and you end up with one .cab and one .inf. You then right click the .inf and choose "install". Many many hours spent doing that.

    Now with Sandboxie, its very easy unless the application insists on writing things to registry. Even registering libraries for dependencies is pretty easy with sandboxie if you use, I forget the name, Busters Analyzer or something like that.

    Point is just that if that is your goal (it seems to be the main one anyway to me), then Sandboxie is a GREAT tool for doing that.

    Sul.
     
  9. smallhagrid

    smallhagrid Registered Member

    Joined:
    Feb 14, 2011
    Posts:
    64
    Location:
    Vermont, America
    Holy Cow Sully !!!:
    You've made me DROOL right out loud !!!
    I bet skads of folks would go to great lengths to get something like what you described - at least all the throwbacks from the days of DOS like me !!!

    As to SBIE, I have tried multiple times and have trouble getting my mind around learning to use it right - and yes - it is the registry stuff that is most needful usually when it comes to these things.

    BSA looks like it will cover that need too, but Buster has made it amply clear that it is for malware analysis, otherwise...buzz off.

    If I could get SBIE to live in a single partition with no extra krap dropped in C:, and learn how to use these tools successfully somehow without needing to beat my head against a wall learning how to re-invent the wheel it'd be gravy for this olde guye, for sure.

    Equally for sure=> I'm no kind of coder, and what I've been able to find out about SBIE has left me a'scratchin me olde head mostly o_O o_O !

    Thanks Again Sully - now on to the other great replies from you:D .
     
  10. smallhagrid

    smallhagrid Registered Member

    Joined:
    Feb 14, 2011
    Posts:
    64
    Location:
    Vermont, America
    (needs the BIGGER hammer.)

    Ah yes:
    For those I use Universal Extractor, a couple of Inno Setup tools and just dogged determination to pry 'em open.

    'Tis the difficult ones for which the power tools are needed...!

    Thanks Again Sully.
     
  11. smallhagrid

    smallhagrid Registered Member

    Joined:
    Feb 14, 2011
    Posts:
    64
    Location:
    Vermont, America
    Re: Thanks, and more info about what I'm trying to do...

    Hi Sully, and thanks.

    For me:
    Most of my desire is to sort of keep XP for all of my remaining years; it may sound silly I know, but the newer, lobotomized OSs are just offensive to me.
    (Even if/when I go full-time to Linux I'll keep XP as a daily use VM...)

    You have my envy:
    If only there was a great way to get there myself minus a couple of years worth of head-banging !!

    Truly I am a bit baffled:
    My temp drive is a whole 'nother letter away from C: => and even when I use the portable SBIE there's been krap written to and left in C:...why ??
    Don't ask me - I sure don't know !!!

    And very appreciated it is too:
    You have my sincerest thanks !!!

    A shame really IMO:
    Methinks some serious competition would do it a world of good.

    I still wonder if Hopedot VOS comes anyplace near close to it in usability for doing this, or if it's just an over-priced Prayaya clone...?

    Thanks Sully.
     
Loading...
Thread Status:
Not open for further replies.