New Zone Alarm sandbox

Discussion in 'sandboxing & virtualization' started by Hairy Coo, Nov 3, 2007.

Thread Status:
Not open for further replies.
  1. Hairy Coo

    Hairy Coo Registered Member

    Joined:
    Oct 19, 2007
    Posts:
    1,486
    Location:
    Northern Beaches
    Check point has a beta version available of ForceField,with a few different features to the existing virtualisation apps.

    It can be exited from within the browser without rebooting and any downloads have the option of being saved into the real world,after being scanned for "danger".

    Also there is keylogger and phishing protection and a fraudulent website warning.

    http://download.zonealarm.com/bin/free/beta/forcefield/index.html

    The beta version seems reasonably stable, a bit slow maybe..
    It adds a full size toolbar to IE,but this can be removed.
    Then of course you forget its on!
    Release is supposed to be first quarter 2008 and it may even be freeware.:thumb:

    Another major offering will be Google and GreenBorder
    http://googlesystem.blogspot.com/2007/05/google-buys-greenborder-security.html

    Seems the field is getting slightly overcrowded!
     
  2. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    IMO, using a sandbox is a good idea. I'm glad to see different varieties available. However, they still allow the user to let malware onto their systems. If they can integrate a way to scan whatever you 'recover' from the sandbox, then that is an ideal setup. This is assuming that the scanner or scanners are good. I see ZA is trying to do this. It also appears from all the other features they have that 'ForceField' is a bit bloated.

    The best idea for a sandbox would be that if you decide to recover anything from the sandbox, it should be scanned by all your scanners and scanned by online scanners with multiple engines. If anything was suspicious it would then submitted and checked against a community database and then examined further. Sorta like if Sandboxie, Prevx and VirusTotal were all crammed into one seamless system. For now, I accomplish most of this manually. It's just a pain and time consuming. :ouch:
     
  3. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    I just downloaded ZA's Forcefield and have been running it with Returnil engaged for the past hour or so. It may not be a fair test, but I'm looking mainly for problems. If it continues to run smoothly for the rest of the day, I might consider installing it and giving it a try. I'm running XP Pro sp2 all up to date, and Firefox 2 with adblock and noscripts.

    So far, it's nice, no problems and only a very slight hesitation when clicking on a site. Whether that's Forcefield or the combination of Forcefield and Returnil, I don't know.

    With only an hour's running and a dozen sites checked, none on the dark side, I can't really say much. I do like it so far.
     
  4. nanana1

    nanana1 Frequent Poster

    Joined:
    Jun 22, 2007
    Posts:
    947
    Have you tried Sandboxie which does the same protection with a less than 300Kb footprint vs your 5.2MB size :blink:
     
  5. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Does it really matters? I will use a 100 MB installer over a 300Kb one if former is a better product.

    BTW I agree that SBIE is ecxcellent but I see no point in stressing over installer size esp 5.2 MB is not s real big size.
     
  6. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    I used Sandboxie on my old computer. This computer doesn't like it, or it doesn't like this machine. Returnil runs nicely, but I'm always looking, and Forcefield so far seems pretty nice. I'm getting ready to download some useless something to see how closing Forcefield without losing the download works, and I'm not sure whether Forcefield stays engaged, like Returnil, if the browser is closed. Those are all things to figure out today.

    As for the antispyware, phishing, and site status, I'm a bit hesitant to mess with the dangerous side of the web, but am curious how it all works so will probably take that plunge as well.

    Again, only a couple of hours with Forcefield, but it's stable, no problems of any kind yet, and I'm still liking it.
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    Why start a new topic? This tool was already mentioned in some other thread. Anyway, it was very unstable on my virtual machines the last time I checked it. And I have a feeling that Google will not release a new version of GreenBorder, I haven´t heard about it for months, not that I care, because it sucked IMO.
     
  8. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    Not unstable at all here with Firefox, which is all I use. I tried it briefly with IE7, and it did slow things down and wouldn't allow some sites to open, including this one. I never use IE anyway, so don't much care.

    I'm curious how, being virtualization, it would handle viruses, etc. I'm guessing similar to any other virtualization program. I'll leave that to someone with more courage than I have to find out.
     
  9. Hairy Coo

    Hairy Coo Registered Member

    Joined:
    Oct 19, 2007
    Posts:
    1,486
    Location:
    Northern Beaches
    Couldnt find in search-can you point out the thread. Obviously otherwise I wouldnt have started a new topic!:rolleyes:

    Just realised a limitation-whereas an app. like Returnil virtualises the whole Windows system,this one only works with the browser.
    My main use would be for the testing of software,which rules it out.
     
    Last edited: Nov 3, 2007
  10. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    Yep, this is just for browsers. I like the Private browser feature.

    I have Returnil but, if I keep Forcefield which I think I might, I'll be using it mostly just for testing the stuff I download.
     
  11. nanana1

    nanana1 Frequent Poster

    Joined:
    Jun 22, 2007
    Posts:
    947
    For me, the footprint size is important. There are too many bloatware developer nowadays, look at Nxro,etc. Prefer KISS, keep it small and simple.
     
  12. nanana1

    nanana1 Frequent Poster

    Joined:
    Jun 22, 2007
    Posts:
    947
    You don't lose anything you download in Sandboxie if you set it up correctly.
    Read the other threads for more on Sandboxie.
     
  13. nanana1

    nanana1 Frequent Poster

    Joined:
    Jun 22, 2007
    Posts:
    947
    Sandboxie works with any application you ask it too, not just browsers.
    It can be used to test any software as long as the software does not need a return to work, just like Returnil which is what brother Pete here sometimes does.:rolleyes:

    Read up the other threads here for more on Sandboxie.:cool:
     
  14. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    Right, and I liked Sandboxie. It's a great program. Unfortunately, when I installed it on this computer, it created problems and I had to remove it. That was an older version. Haven't tried the current one.
     
  15. nanana1

    nanana1 Frequent Poster

    Joined:
    Jun 22, 2007
    Posts:
    947
    Great....try the new stable version v3.02 or if you are more adventurous, the new beta v3.02.28 which has a nice GUI and both are rather stable.*puppy*

    Their support is impeccable too, I must add !:cool:
     
  16. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    Thanks, nanana1. Didn't know Sandboxie was up to v 3 already. I will download and give it a try. I was never online without it running with my old computer.
     
  17. Hairy Coo

    Hairy Coo Registered Member

    Joined:
    Oct 19, 2007
    Posts:
    1,486
    Location:
    Northern Beaches
    Thanks for the comment,but I've been using Returnil,Sandboxie and Altiris for centuries

    Actually I dont like using Sandboxie,much prefer Altiris or Returnil when possible.

    You should try Altiris.
     
    Last edited: Nov 3, 2007
  18. nanana1

    nanana1 Frequent Poster

    Joined:
    Jun 22, 2007
    Posts:
    947
    Wow...never met a centurian here:p Didn't know Returnil has a past life since it was only born this year.:p

    You may want to checkout the beta SBIE v3.02.28 which has a new GUI and does away with the .ini file.

    God bless and may you live long *puppy*
     
    Last edited: Nov 4, 2007
  19. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    Altiris is fantastic. I have several programs in Altiris that I use every day, and I see no need to install them to my HD now.

    Just downloaded Sandboxie and this latest version seems to work on this computer. I'll play with it for a few days and make a decision.
     
  20. Hairy Coo

    Hairy Coo Registered Member

    Joined:
    Oct 19, 2007
    Posts:
    1,486
    Location:
    Northern Beaches
    Chuck,

    Unfortunately,I cant see any possibility of using Forcefield for testing.

    While the Private Browser function is running a virtual browser,it is possible to run or save software,but its then installed directly into the Windows system.
    Of course,if you then want to get rid of the app.,you have to uninstall in the regular way.

    Moo

    Hairy
     
  21. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    Thanks Hairy Coo, I didn't read my post before hitting submit. It was supposed to say I'll keep Returnil for doing testing.

    In fact, after a few days, I'll probably end up with just Sandboxie since the new version runs on this computer, and removing both Forcefield and Returnil and testing and/or using new things with Altiris.
     
  22. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Hi Chuck,

    Sandboxie is good for protecting browsers and such, but I think it is limited in the testing of programs within it. Returnil is much better at handling the installs of programs to play with. Just as long as that program doesn't need a reboot to install.

    I personally use both Sandboxie for browsing and using my media player. I also use Returnil when I'm going to bad places or installing/trying a new program.

    As far as ZA ForceField, it's still a beta and just the known issues in the link that Hairy Coo provided causes concern. It still has some growing pains to go through. In no way should anyone trust it as full-proof protection until it's released and hopefully proven.

    innerpeace
     
  23. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    I like Altiris for testing. I've run well over a dozen different things on it so far, and kept 3 or 4 that I use daily. It just works.

    Some things won't run in it, but it's nice in that those programs you really want to keep you can, without putting them onto the hard drive.
     
  24. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,908
    So can Altiris test software that does require a reboot and is it still free? Thank You!
     
  25. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,042
    Went to the website to take another look. Geesh, I couldn't even figure out what I wanted. Symantec is making their mark. Grrr
     
Loading...
Thread Status:
Not open for further replies.