questions about sandboxie 64 bit

Discussion in 'sandboxing & virtualization' started by wutsup, Feb 16, 2010.

Thread Status:
Not open for further replies.
  1. wutsup

    wutsup Registered Member

    Joined:
    Sep 20, 2009
    Posts:
    630
    Location:
    United States
    hey wilders, im thinking about using sandboxie on my vista 64bit main computer and i have a couple of questions

    1. when i first install it are there any changes i should make to the defaut configuration or is it fine?

    2. i use keyscrambler and ad block plus with firefox and im just wondering if these are compatible with sandboxie 64 bit

    3 is sandboxie sompatible with threatfire?

    thanks in advance

    EDIT: also i checked the sandboxie 3.44 installer from the offical sandboxie website and it shows 1 trojan winhorse from esafe
    ~ VirusTotal link removed per Policy ~

    most likely a false psotive since sandboxie is a legit program righ?
     
    Last edited by a moderator: Feb 17, 2010
  2. wutsup

    wutsup Registered Member

    Joined:
    Sep 20, 2009
    Posts:
    630
    Location:
    United States
    anyone?

    i installed it and seems to work fine but can anyone tell me why the installer has a trojan in it?
     
  3. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    If you downloaded from Sandboxie's website then you are fine.
    That one out of forty detection at VT most certainly is a false positive.
     
  4. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    The trojan reported is most likely a false positive. I uploaded the file to jotti, scanned it with avira free, mbam and sas and they all reported the file clean.

    1. The default setup is fine but you might want to limit what can run (start/run access) and have internet access through Sbie. It's also a good idea to block "sensitive" areas on your hard drive from what's running in Sbie (File Access > Blocked Access).

    More info here: http://www.sandboxie.com/index.php?RestrictionsSettings and here http://www.sandboxie.com/index.php?ResourceAccessSettings#file

    You may want to turn on Drop Rights since your running 64bit. See 7th paragraph here: http://www.sandboxie.com/index.php?NotesAbout64BitEdition

    Look into Forced Programs and Forced Folders and see if it's something you would like. http://www.sandboxie.com/index.php?ProgramStartSettings

    If your using ABP, you can create a rule that lets the filter rules pass through to your hard drive. My rule looks something like this: OpenFilePath=%AppData%\Mozilla\Firefox\Profiles\********.default\adblockplus\pattern*

    The asterisks part is my profile name. You will need add yours instead and add it to your Configuration.

    I hope this helps a little and don't be discouraged by all the available settings. Take your time and get to know sandboxie. The settings are easier than they appear and you can apply them at your leisure. If you want specific help, let us know what you want to run in the sandbox.
     
  5. wutsup

    wutsup Registered Member

    Joined:
    Sep 20, 2009
    Posts:
    630
    Location:
    United States
    ok thx for the info, but adblock plus and keyscrambler seem to work fine with firefox in sandboxed mode, if it works fine do i ahve to create new rules for them?

    and also whe n firefox updates to a newer version all i would need to do is run the regular firefox and just update it and then go back to the sandboxie short cut right?
     
  6. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    You don't have to create the rules but the ABP does update it's patterns automatically so it's kind of nice for it to pass through.

    To update firefox all that is needed to do is start a non sandboxed session and update FF and/or it's add-ons.

    I would make sure the Drop Rights feature is on since your running 64bit :thumb: .
     
  7. ProrokX

    ProrokX Registered Member

    Joined:
    May 8, 2009
    Posts:
    60
    1. It depends (are you paranoid or not:D). Read this thread and decide, what you looking for: https://www.wilderssecurity.com/showthread.php?t=240008
    Default Sandboxie is good, but when you make some changes- its overkill

    2. When you have Firefox sandboxed, you dont have to make each sandbox for any of addons:), everything is going smoothly, only remember- new version of browser, addon, etc... Disable always force Firefox, and update- thats all

    3. I really have no idea (I never used Sandboxie and Threatfire running altogether), but I think, you shouldn`t have big issues...
     
  8. stackz

    stackz Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    619
    Location:
    Sydney Australia
    In testing on several PCs, I found no conflict between Sandboxie and Threatfire.
     
  9. wutsup

    wutsup Registered Member

    Joined:
    Sep 20, 2009
    Posts:
    630
    Location:
    United States
    ok thanks guys, yea the drop rights is automatically enabled in the 64 bit version.

    but im sorta confused about the start/run access and internet access settings.

    if i want firefox just to have access to both start/run and internet in sanboxie should i just add firefox to the start run and internet access settings?

    and for file access/blocked access, do i just add my C drive into this to not allow anything in sandboxie to access my harddrive?
     
    Last edited: Feb 17, 2010
  10. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Yes. You may also need to allow java.exe in certain situations but I wouldn't do that unless you have a site that needs it.

    I would only block access to specific areas such as files or folders that contain personal or financial information. This is mainly to prevent keyloggers from accessing your info during the browsing session. Either way the keylogger or any changes would be gone when you empty the sandbox but it's nice to block access to those areas just in case.
     
  11. wutsup

    wutsup Registered Member

    Joined:
    Sep 20, 2009
    Posts:
    630
    Location:
    United States
    to innerpeace, ok thanks but im having problems running firefox sandboxed if i block access to my C drive which is the only harddrive on my pc.

    i get sbie 2204 and 2313 errors if i try to run firefox sandboxed with the blocked access to my harddrive.

    is this because the sbierpcss.exe is in my program files?

    see my other thread here:
    https://www.wilderssecurity.com/showthread.php?t=265650
     
  12. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Hi watsup,

    I saw that tzuk responded to your question. If you have any more questions ask away.
     
  13. wutsup

    wutsup Registered Member

    Joined:
    Sep 20, 2009
    Posts:
    630
    Location:
    United States
    yep he replied to me on the sandboxie forums. i dont really ahve any senstivie data on my computer since it a gaming computer mostly, and some movies, music, family/friend phots etc etc

    but i have another question innerpeace, sandbox is suppuse to add its own folder into my C drive right? has the sandboxie symbol instead of a folder icon
     
  14. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    I'm still using version 3.40 and I have C:\sandbox. That is where everything is written during the session and when the contents of the sandbox are deleted so is the contents of C:\sandbox.

    I think tzuk made a change in the recent versions to include the sandbox icon. There may have also been another change but I can't remember now. Ok, after searching I found the thread from the betas. The change should be in version 3.40 and up. I have no idea why I'm not seeing it. http://www.sandboxie.com/phpbb/viewtopic.php?t=6172
     
Loading...
Thread Status:
Not open for further replies.