New Zone Alarm sandbox

Check point has a beta version available of ForceField,with a few different features to the existing virtualisation apps.

It can be exited from within the browser without rebooting and any downloads have the option of being saved into the real world,after being scanned for "danger".

Also there is keylogger and phishing protection and a fraudulent website warning.

http://download.zonealarm.com/bin/free/beta/forcefield/index.html

The beta version seems reasonably stable, a bit slow maybe..
It adds a full size toolbar to IE,but this can be removed.
Then of course you forget its on!
Release is supposed to be first quarter 2008 and it may even be freeware.

Another major offering will be Google and GreenBorder
http://googlesystem.blogspot.com/2007/05/google-buys-greenborder-security.html

Seems the field is getting slightly overcrowded!

 

IMO, using a sandbox is a good idea. I'm glad to see different varieties available. However, they still allow the user to let malware onto their systems. If they can integrate a way to scan whatever you 'recover' from the sandbox, then that is an ideal setup. This is assuming that the scanner or scanners are good. I see ZA is trying to do this. It also appears from all the other features they have that 'ForceField' is a bit bloated.

The best idea for a sandbox would be that if you decide to recover anything from the sandbox, it should be scanned by all your scanners and scanned by online scanners with multiple engines. If anything was suspicious it would then submitted and checked against a community database and then examined further. Sorta like if Sandboxie, Prevx and VirusTotal were all crammed into one seamless system. For now, I accomplish most of this manually. It's just a pain and time consuming.

 

I just downloaded ZA's Forcefield and have been running it with Returnil engaged for the past hour or so. It may not be a fair test, but I'm looking mainly for problems. If it continues to run smoothly for the rest of the day, I might consider installing it and giving it a try. I'm running XP Pro sp2 all up to date, and Firefox 2 with adblock and noscripts.

So far, it's nice, no problems and only a very slight hesitation when clicking on a site. Whether that's Forcefield or the combination of Forcefield and Returnil, I don't know.

With only an hour's running and a dozen sites checked, none on the dark side, I can't really say much. I do like it so far.

 

Have you tried Sandboxie which does the same protection with a less than 300Kb footprint vs your 5.2MB size

 

Does it really matters? I will use a 100 MB installer over a 300Kb one if former is a better product.

BTW I agree that SBIE is ecxcellent but I see no point in stressing over installer size esp 5.2 MB is not s real big size.

 

I used Sandboxie on my old computer. This computer doesn't like it, or it doesn't like this machine. Returnil runs nicely, but I'm always looking, and Forcefield so far seems pretty nice. I'm getting ready to download some useless something to see how closing Forcefield without losing the download works, and I'm not sure whether Forcefield stays engaged, like Returnil, if the browser is closed. Those are all things to figure out today.

As for the antispyware, phishing, and site status, I'm a bit hesitant to mess with the dangerous side of the web, but am curious how it all works so will probably take that plunge as well.

Again, only a couple of hours with Forcefield, but it's stable, no problems of any kind yet, and I'm still liking it.

 

Why start a new topic? This tool was already mentioned in some other thread. Anyway, it was very unstable on my virtual machines the last time I checked it. And I have a feeling that Google will not release a new version of GreenBorder, I haven´t heard about it for months, not that I care, because it sucked IMO.

 

Not unstable at all here with Firefox, which is all I use. I tried it briefly with IE7, and it did slow things down and wouldn't allow some sites to open, including this one. I never use IE anyway, so don't much care.

I'm curious how, being virtualization, it would handle viruses, etc. I'm guessing similar to any other virtualization program. I'll leave that to someone with more courage than I have to find out.

 

Couldnt find in search-can you point out the thread. Obviously otherwise I wouldnt have started a new topic!

Just realised a limitation-whereas an app. like Returnil virtualises the whole Windows system,this one only works with the browser.
My main use would be for the testing of software,which rules it out.

 

Yep, this is just for browsers. I like the Private browser feature.

I have Returnil but, if I keep Forcefield which I think I might, I'll be using it mostly just for testing the stuff I download.

 

For me, the footprint size is important. There are too many bloatware developer nowadays, look at Nxro,etc. Prefer KISS, keep it small and simple.

 

You don't lose anything you download in Sandboxie if you set it up correctly.
Read the other threads for more on Sandboxie.

 

Sandboxie works with any application you ask it too, not just browsers.
It can be used to test any software as long as the software does not need a return to work, just like Returnil which is what brother Pete here sometimes does.

Read up the other threads here for more on Sandboxie.

 

Right, and I liked Sandboxie. It's a great program. Unfortunately, when I installed it on this computer, it created problems and I had to remove it. That was an older version. Haven't tried the current one.

 

Great....try the new stable version v3.02 or if you are more adventurous, the new beta v3.02.28 which has a nice GUI and both are rather stable.

Their support is impeccable too, I must add !

 

Thanks, nanana1. Didn't know Sandboxie was up to v 3 already. I will download and give it a try. I was never online without it running with my old computer.

 

Thanks for the comment,but I've been using Returnil,Sandboxie and Altiris for centuries

Actually I dont like using Sandboxie,much prefer Altiris or Returnil when possible.

You should try Altiris.

 

Wow...never met a centurian here Didn't know Returnil has a past life since it was only born this year.

You may want to checkout the beta SBIE v3.02.28 which has a new GUI and does away with the .ini file.

God bless and may you live long

 

Altiris is fantastic. I have several programs in Altiris that I use every day, and I see no need to install them to my HD now.

Just downloaded Sandboxie and this latest version seems to work on this computer. I'll play with it for a few days and make a decision.

 

Chuck,

Unfortunately,I cant see any possibility of using Forcefield for testing.

While the Private Browser function is running a virtual browser,it is possible to run or save software,but its then installed directly into the Windows system.
Of course,if you then want to get rid of the app.,you have to uninstall in the regular way.

Moo

Hairy

 

Thanks Hairy Coo, I didn't read my post before hitting submit. It was supposed to say I'll keep Returnil for doing testing.

In fact, after a few days, I'll probably end up with just Sandboxie since the new version runs on this computer, and removing both Forcefield and Returnil and testing and/or using new things with Altiris.

 

Hi Chuck,

Sandboxie is good for protecting browsers and such, but I think it is limited in the testing of programs within it. Returnil is much better at handling the installs of programs to play with. Just as long as that program doesn't need a reboot to install.

I personally use both Sandboxie for browsing and using my media player. I also use Returnil when I'm going to bad places or installing/trying a new program.

As far as ZA ForceField, it's still a beta and just the known issues in the link that Hairy Coo provided causes concern. It still has some growing pains to go through. In no way should anyone trust it as full-proof protection until it's released and hopefully proven.

innerpeace

 

I like Altiris for testing. I've run well over a dozen different things on it so far, and kept 3 or 4 that I use daily. It just works.

Some things won't run in it, but it's nice in that those programs you really want to keep you can, without putting them onto the hard drive.

 

So can Altiris test software that does require a reboot and is it still free? Thank You!