Sandbox programmes?

Discussion in 'sandboxing & virtualization' started by Retadpuss, Jun 27, 2009.

Thread Status:
Not open for further replies.
  1. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    How many sandbox programmes are there? Im mainly interested in those that can be used to isolate IE, Outlook and Live Mail. Im running Win 7 and sandboxie wont work properly with IE set as a forced programme - want alternatives.
     
  2. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,728
    Location:
    localhost
    Have you tried ZA ForceField? Not sure it runs on Windows 7 but you could try. It will only isolate IE or Firefox.
    p.s. Dont shoot on the messenger :D
     
  3. Ashanta

    Ashanta Registered Member

    Joined:
    Aug 21, 2007
    Posts:
    659
    Location:
    Europe
    Here, you are some alternatives:

    · BufferZone Pro
    · DefenseWall
    · GeSWall Professional Edition
    · Virtual Sandbox™

    I've on my computer Defense Wall. Good program !
     
  4. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    I tried GESWall ages ago when I was on XP and thought it was okay, but only ever got a BSOD on vista - Im trying 7100RC at moment and like it - other than several apps dont work with it - a quick search with Google shows GESWall wont work with it.

    I will plod on and try out the others suggested.

    Cheers,

    Puss
     
  5. Ashanta

    Ashanta Registered Member

    Joined:
    Aug 21, 2007
    Posts:
    659
    Location:
    Europe
  6. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Retad, DefenseWall should work with no problems.

    To clear the 'sandbox', you have to go to 'File and registry tracks', and then select all the files and then delete.

    Any file you've downloaded and want to keep, you have to highlight the file (in file and registry tracks) and select 'allow'.

    If you want to update your browser, such as java in IE, you just right-click on the IE icon and select 'run as trusted'.
     
  7. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    there is:
    AppGuard
    AppRanger
    PcArmor(sort of behabiour blocker with rollback funtion like defensewall)
    DefenSewall
     
  8. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    But before doing this, you have to clearly understand what the files are you are going to delete!
     
  9. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    There's something i never saw. Seems very good. Did anyone test it?
     
  10. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Completely agree.

    But to me (and I'd assume other Wilders members - but wouldn't suggest this to average users), I find it easy to interpret which files to delete and recover (allow). The files are listed by process and time.

    dw.jpg


    And even if a user highlights all files and selects 'delete', a second page then asks a user 'are you sure you want to delete the following files'.

    dw2.jpg

    dw3.jpg

    So for general interest, I find using DefenseWall easy to recover a file, and if I make a mistake in wanting to delete all files, DefenseWall gives you a second chance to cancel your delete request. :thumb:
     
  11. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    DefenseWall is a sandbox? I know that it is an excellent program, one of the best, but is it a "true" sandbox?

    Acadia
     
  12. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Ilya will have to answer this.

    I know while browsing, all my bookmarks are kept (which is good), but if I unpack hundreds of malware samples, and then go through the steps above, all are removed, no matter where they install too, or are transferred to.

    Same as if I launch a msn type program, or P2P, which stores all sorts of temporary files, all the info is removed. See files and registry tracks below.

    dw4.jpg
     
    Last edited: Jun 27, 2009
  13. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,042
    It is more what you call a policy Sandbox. Stuff is controlled by computer policy, as opposed to isolating them in a different location.

    While I prefer Sandboxie, I do have a DefenseWall License, and I've tested it against malware. It works as advertised.

    Pete
     
  14. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    I think the best part with DefenseWall, is that any files downloaded appear on the desktop, or say in program files, or wherever you download the file, straight-away.

    You can use these files for an hour, several days, a couple of weeks. Your partner/family can use these files as they are downloaded. And when it comes time for you to decide to remove these files, you just delete 'file and registry tracks', and all are removed.

    Sandboxie is equally a powerful program, a PDF for example, can be launched when downloaded, and it will be sandboxed. It can be recovered (which 'could' pose a slight risk to an average user). But those more experienced, can 'right-click' on the file and run it sandboxed. Or with paid version, downloaded files to a specific area, can always run sandboxed, or further, the PDF program can always be run sandboxed.

    But for simplicity sake, the ability to download files and see and use these files right-away, with all protected from causing system damage, makes DW one easy to use program.
     
  15. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Hmmmm, DefenseWall sounds nice, I already knew some of this, but have learned even more in this thread and now DW sounds even nicer. Does SB and DW both together on the same system equal overkill, or does it mean ... I can finally get rid of these &*#$%^ scanners?

    Acadia
     
  16. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Both work on the same system.

    I know Ilya doesn't like to promote the 'file and registry tracks', as most novice users will remove files they might have wanted to keep, and probably complain about it.

    But many on this forum use sandboxie for the sole purpose of clearing data out each day, or even hourly.

    So these users would benefit from knowing that DefenseWall can perform a similar function (but it keeps bookmarks, browsing history - which can be cleared from the web browser itself). Remember if you want to clear temporary data and don't want to lose any important files, make sure select the file you want to keep and select 'Allow'. See below.

    DW allow.jpg
     
    Last edited: Jun 27, 2009
  17. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Another little thing I like about Defensewall, is the ability to "lock" a file, folder, or drive so nothing that is "Untrusted" can touch it. You can do this with Sandboxie too but it works only while you have something running Sandboxed. With Defensewall it is a full time thing.
     
  18. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Without going too far off-topic, Acadia, I think a user could benefit from just DefenseWall and an on-demand scan from say CureIt once a week.

    A good security feature of the program, is that any files from removable drives are automatically set to 'untrusted'. Which means, can't cause problems if transferred from a USB.

    But if you do trust the files (and know they are safe) and want these to have full-access (for editing etc), you can highlight these files, and remove these from the untrusted list. See a Word document below that I transferred from a USB to my desktop. Now suddenly shows up automatically in the untrusted list. To remove this file from being untrusted, I highlight the file and select 'remove'.

    dw removable.jpg

    Alternatively, instead of the option above, I can highlight the file, right-click and 'change status to trusted', and the file will be removed from the untrusted application list.

    right click.jpg

    DW removable 2.jpg

    Pretty easy program to use. :)
     
    Last edited: Jun 27, 2009
  19. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690

    I am running with Defensewall and Sandboxie together without problems for a month now.

    Only one slight noticeable annoyance; the deletion of sandbox contents hangs about 2 secs longer. But even that is not a problem ... I have tried crashing Sandboxie by opening/closing other instances of browsers and other applications while auto deletion is taking place ... No problems. You may sometimes get a pop up saying there is nothing to delete from the sandbox. But thats it.

    I have now done away with my AV scanner (in real time). It does take a little while to get confidence with DW, though, as it is so damn quiet. Its just a case of remembering to run new safe applications as trusted on install so they're permanently installed. I have forgotten to run a few new applications as trusted and of course they haven't loaded, but that is the most user interaction I've had with Defensewall.

    Def thumbs up :thumb:
     
  20. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i can not stay quiet ''Defensewall'' is a winner here i can testify that when no one is there to save you againts nasty malware DefenseWall can save your bacon:):) good job ilya
     
  21. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    First of all, what is a sandbox? It's an isolated space with some rights dropped. Isolation can be made with partial virtualization and/or policy-based restrictions. The approaches are different, the effect is the same (or almost the same).
     
  22. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,219
    No Vista 64 bit in the near future?
     
  23. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Thought I'd post a few more screenshots.

    DefenseWall automatically searches your programs and adds common ones to the untrusted list.

    But to add programs manually, you can do this through the main interface, or through right-click.


    Adding through the main interface. In this instance, I'll add Hitman Pro to the untrusted application list.

    DW adding programs.jpg

    DW adding programs 2.jpg

    You might find easier (and quicker) way is to just right-click on files or shortcuts, and select 'change status to untrusted'.

    DW adding programs 3.jpg

    Both achieve the same result.

    DW adding programs 4.jpg

    And the program can run now as untrusted.

    DW adding programs 5.jpg
     
  24. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Using the above example, Hitman Pro runs perfectly as an 'untrusted application'.

    DefenseWall will however, alert me the program is trying to get access to a secured file. I have the option of ignoring the alert and the program will continue to run, or selecting to terminate the application.

    DefenseWall alerts/warnings

    DefenseWall alert - this time I will choose to ignore, and the program will run as it normally would.

    DW hips.jpg

    Programs runs normally.

    DW hips 1.jpg

    And then running the program again and choosing to terminate the program - program is closed.

    DW hips 2.jpg

    Shutting down programs

    You can also shutdown programs through the main interface.

    Either through the 'stop attack' which closes all processes, or by selecting an individual process.

    DW close programs.jpg

    Just like sandboxie, through selecting a specific application.

    DW close individual.jpg
     
  25. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    And some screenshots of the event log.

    DW event log.jpg

    After running Hitman Pro (as untrusted)

    DW event log 2.jpg

    And exporting the event log as a text file.

    DW event log 3.jpg
     
Loading...
Thread Status:
Not open for further replies.