Sandboxie & Geswall Together

Discussion in 'other anti-malware software' started by TerryWood, Jul 12, 2008.

Thread Status:
Not open for further replies.
  1. TerryWood

    TerryWood Registered Member

    Joined:
    Jan 14, 2006
    Posts:
    703
    Hi All

    I am running Sandboxie and Geswall together.

    That is my Sandboxie is configures to allow only my browser (Firefox) to run.
    So when I start Firefox it starts sandboxed and running in Geswall. The latter giving the formal keylogger protection that Sandboxie does not have.

    Slight problem of sluggishness. Also when you shut Firefox down it either takes a very long time or it leaves firefox.exe in the task manager.

    Anybody experienced this and are ther any work arounds.

    Thanks

    Terry
     
  2. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    My experiance with running Sandboxie and Geswall together was very bad.
    Although the two ran togeather on my pc for a short while I keep having some conflicts and small program crashes till the big one.....computer crashed. Pc would not boot. I had to use the sub station in Rollback Rx.
    Lost all snapshots and had to go back to baseline (that was still good) with Rollback Rx.
    Although Sandboxie and Geswall are not compatable, Sandboxie and DefenseWall are. No issues with my current setup.
     
  3. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Not a good idae IMO.
     
  4. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    IMHO make it and either/or thing and only run SBIE or DW/GW. They work differently, but provide the same if not extremely close to same protection. I couldn't get SBIE to work with Defensewall very well (of course nothing seems to get along with Sandboxie on my system, I think it's jealousy, hehe). One thing is for sure, all 3 programs provide great protection if they work well on your system.
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i tried to run those two and i got some errors with ieexplorer,then i tried defensewall which also blocks keyloggers and it works perfectly.:thumb: defensewall and sandboxie
    thats my current set up.:thumb:
     
  6. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Geswall has its on version of Sandboxie, thus the need to not install Sandboxie.
     
  7. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    I wonder why people insist in running GW or DW together with SBIE.
    All of them offer excelent protection.
    I have read in some posts that they do it "in case something is recovered from the sandbox, it stays untrusted"
    But by that logic, and if you worry about that, SBIE is not needed. Just use GW or DW and you have the same protection with less resources.
    Is it just for the ability to delete the sandbox?
     
  8. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Well, when I was doing it that way it was because of my unfamiliarity with DW/GW. I was used to the way SBIE worked because I was the one that recovered/emptied things out of it all the time, and, I KNEW that not even a registry key would leave the sandbox, so I knew when I tested things out, I was safe. With DW/GW, since I didn't see what it was doing behind the scenes and only got pop-ups wanting to allow/disallow things, so it made me less comfortable.
     
  9. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    is not only that but the flexibility of one doing one job and the the other doing another job not just in case sandboxie or you know.
    to be clear for example sandboxie only restrict keyloggers if you apply certain
    configuration which for novice is very difficult,now defensewall comes with default keylogger blocking capability.so in my case i need both for that reason and i also like both.:thumb:
     
  10. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    By this logic you only need DefenseWall
     
  11. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    the thing is that Defensewall does not Prevents a cross-site scripting attack that introduces malicious scripts injection into iexplorer and sandboxie covers this very nicelly.:D
    and you probably will tell me to use firefox(with noscript) or additional explorer but i use microsoft.
     
  12. CogitoErgoSum

    CogitoErgoSum Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    641
    Location:
    Cerritos, California
    Hello jjmonge,

    Correction, while DefenseWall does not prevent or block cross-site scripting(XSS), it "will" protect against the malicious script injection into Internet Explorer introduced by way of XSS. Keep in mind that XSS is just a "means" to redirect one's web browser to a malicious site, steal private/sensitive information or expose one to drive-by-downloads(malicious payload delivered via manipulated javascript, iframes, ActiveX & Flash and exploit targeted malware).


    Peace & Gratitude,

    CogitoErgoSum
     
    Last edited: Jul 13, 2008
  13. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    so if Defensewall prevent the damage i will say that it defeats the type of attack:D yes or not?
     
  14. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Still not. Passwords and other info can be stolen via Cross site Sripting even when u are running any of these sandboxes like gW, DW, SBIE etc etc.
     
  15. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Thanks aigle for replying.
     
  16. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    U r welcome ofcourse.
     
  17. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    If everybody says that
    - 2 firewalls on board is not a good idea.
    - 2 real-time scanners on board is not a good idea.
    why would it be suddenly a good idea to install 2 sandbox softwares ?
    I don't even combine DW and SB, because it caused problems.
    If a sandbox software has shortcomings, fix them with an additional security software, not another sandbox software.
    For the same reason I don't combine FDISR and Returnil/SD, it's FDISR or Returnil or SD.
    Combining FDISR and Baseline Shield (HDS) was a disaster, I tested it myself, had to restore an image to get my system back.
     
    Last edited: Jul 13, 2008
  18. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    Depends on what the software is and what you do with it.

    I have FDISR, Sandboxie, and Shadowdefender. I don't try and update FDISR archives when shadowed although I've tested it and it works. Sandboxie and Shadowdefender together work fine together. Granted some combo's might not work and certain usage combo's might not work, but as a generality I don't see a problem.
     
  19. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I don't install 100 softwares to do different things, that's your (expensive) hobby, not mine.
    The more softwares I have, the more maintenance.
     
  20. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    If GW, DW or SBIE can't protect me from XSS then what would?
    Hugger
     
  21. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    the internet explorer beta 8 will:D
     
  22. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I don,t know.

    ATM only application might be NoScript FF extension. How effective it is, I am not sure.
     
  23. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
  24. CogitoErgoSum

    CogitoErgoSum Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    641
    Location:
    Cerritos, California
    Hello Hugger,

    Privacy/security hardening one's web browser of choice will help lessen and/or negate the impact of cross-site scripting(XSS). The following link below may be of interest to you. Hope this helps.

    https://www.wilderssecurity.com/showthread.php?p=1273394 (*Note: Please take note of post #'s 1, 14, 20-21, 23-25 & 27)


    Peace & Gratitude,

    CogitoErgoSum
     
  25. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    XSS is not about local computer intrusion. So, no HIPS can really do that, it's a job for your browser. As I know, FireFox 3 and Opera 9.5x has it.
     
Loading...
Thread Status:
Not open for further replies.