Sandbox Question?

Which technique you are referring to Rasheed?

 

Easter, I think you and HermesComputers are both, indirectly, talking about the computer owner and user. I don't think there's a software made yet that can protect a person from themselves. Sandboxie, Returnil, my late beloved PowerShadow, and all the rest, HIPS, AV's, etc can do their part. But nothing is going to stop people from going that extra step and infecting their computer. I'd hazard a guess that well over 90% of computer users are clueless as to what's out there. They just blissfully surf to this or that site, with their out of date antivirus and inadequately configured firewall, which they think is enough to save them, and blame anybody and everything when they end up infected.

 

Hi Chuck57

I agree and see it all the time, those users are in a group to themselves IMO. If they enjoy degrading their investment it's their machine to drown.

But INFORMED users are more inclined after they been bit hard enough or often enough to begin their own research and hopefully stumble onto the right sites for programs that can better prevent problems they experienced that have cost them time and internet service.

I always have a beef with malware writers and distributors because they deliberately attempt to steal as a thief our internet service, privacy, etc. whenever we have to stop and make repairs to our systems due to some cleverly crafted invasion whether it be bundled in freeware or from a drive-by.
I once threw a fit after a hit that affected my PC and contacted the site it originated from with proof i emailed them, and they offered me the phone number of the rotating advertiser responsible for pushing crap in their ads that affected on-line windows machines.

Don't remember now if they eventually stopped the distributions or not, but i threatened to take them to task (court) if my machine (and service) was interrupted again due to their laced ads.

You have to fight back especially when they are not only disrupting your internet service but threatening to cripple your good machine with garbage.

More On Topic, SandboxIE is a dream come true, and i think it's one of the best thought out programs ever conceived, but then so is Returnil, Power Shadow, HIPS, etc.

Today with programs like SandboxIE to trap incoming files, the user stands a much greater chance of avoiding problems then ever before.

 

Good post, Easter. All correct. Sandboxie starts when I turn on my machine and bring up the browser. I've used it off and on since I first heard about it. Tried a few other things but always return to Sandboxie. The same goes with Returnil.

DeepFreeze, I like because it just sits there out of the way and, so far, works as advertised. I recently got faronics AE but haven't installed it. I suppose I will one of these days.

I think Sandboxie should be on the desktop of every computer sold, along with very simple, easy to read, basic instructions on what it is and how to use it. The basics are all that's needed for average users.

 

I have to agree 110%!

The combo of SandboxIE + DEEP FREEZE is virtually a seal. I also use EQS mainly for educating myself on exactly what is interacting and when or why, but those 2 mentioned are as close as it gets to solid protection.

Faronic's is really a Steel & Iron type app and i don't know how they done it, but it is formidable indeed, for that matter SandboxIE is just as Iron & Steel also as it gets. I also have Anti-Executable but it's shelved for now, the trio i use seems plenty enough as-is.

SandboxIE's exceptional performance and protection is the reason i opened a topic on it. And you know it's funny. SandboxIE is been around awhile and is not a newcomer at all, but tzuk thanks to all the generous users/customers of it making their complaints & suggestions known have absolutely elevated it to a standard never before realized.

The very fact that you can both Terminate & Delete (i use secure delete ERASER) files contained in it's sealed zone is nothing short of remarkable because it is very user friendly on top of all that.

 

I agree! It just makes sense to isolate an internet facing application from your system. The difficult part is getting users to understand what it does and how to use it. Sandboxie's GUI is an improvement, but it can be better. Personally it's fine the way it is for me, but to the newbie that only uses suites, it's probably overwhelming. A very good tutorial with pics is needed and it looks like they are working on that too .

 

the revised help/tutorial is much better now,easier for me to understand.

 

For heaven's sake Huupi please point me in that direction too. I assume it's still web based. I really like one day to see a help file implimented in the app iteslf but i surely won't complain, theres a myriad of useful suggestions and settings that i even haven't got wind of yet.

LoL

EASTER

 

Greeting Easter, Here is a link to the Help Topics. http://www.sandboxie.com/index.php?HelpTopics

 

Thanks as always innerpeace

Your a real champ and it will help indeed.

EASTER

 

Your most welcome EASTER.

 

I've used the block program while running Kmeleon, making Kmeleon the only program allowed to access the Internet.

In the latest version, 1.1.4 of Kmeleon though, it don't work, or it works too well. With that latest update, Kmeleon freezes. I can shut down but by clicking the X in the upper corner, but no buttons work.

I backed down to v 1.1.3 and all is fine. No big deal since I don't use it but occasionally on some sites. I like the idea of being able to fake a user agent. Example, I'm showing as running Safari on an Apple computer right now.

For most browsing I use the FF 3.x beta, latest beta version. I love it and it works perfectly with Sandboxie.

 

Hi, I'm glad you mentioned this as I was going to install K-meleon. Now I will give it a try first by installing it while shadowed and see if it works in Sandboxie here.

iirc, opera can fake user agents. I could be wrong though.

 

I'm not seeing the freezing with K-meleon within Sbie. I have 9 tabs open and the buttons I've tried all seem to work ok. I think I have it setup correctly. I set K-meleon as the only app to access the interent through the gui. This is what is showing in the config.

ClosedFilePath=!k-meleon.exe,\Device\RawIp
ClosedFilePath=!k-meleon.exe,\Device\Ip*
ClosedFilePath=!k-meleon.exe,\Device\Tcp*
ClosedFilePath=!k-meleon.exe,\Device\Afd*

I'm using Sbie version 3.22 and K-meleon version 1.1.4. I also didn't install the loader thing, but loader.exe is still in the C:\Program Files\K-meleon.

 

Could someone plz explain the exact purpose for adding asterisks * after certain items lists?

Thanks

 

IMO it's All/Other. Accept K-Meleon and block other or block all but accept K-Meleon.

 

MikeNaS is correct, it's a wildcard.
http://www.sandboxie.com/index.php?ClosedFilePath and a link in that page leads to a wildcard explanation...
http://www.sandboxie.com/index.php?OpenFilePath