Sandboxie,Returnil or GeSWall?

I have Sandboxie Paid, DefenseWall Paid and Prevx 3 Paid, Would there be any advantages using Returnil or GeSWall free with my setup

 

Sandboxie + Returnil

 

Could you please tell what the advantages would be

 

Just another layer, although an excellent one. I run Sandboxie paid with Returnil free. SB you only need to buy once, Returnil you need to repurchase every year so for that reason alone I use the freebie.

Acadia

 

Simple,

With Sandboxie and Returnil,thats all you need! Something doesnt go right,reboot,your back in business,keep things simple!!!!!!!!!

 

Should I use Disk or Memory Not sure which I should use

 

Memory

 

Boost are you using Returnil I don't see it in your sig.

 

Was using it up til this week I got a chance to try out Deep Freeze,which basically does the same thing as Returnil.

I never had any problems,or regrets using Returnil

 

OK Thanks I'm off to play my softball game

 

Nail a home run or two

Later,I'm out to watch Transformers 2

 

Have a good show

 

I've been running GESwall with only Prevx Edge (since it was released) and have had 0 problems and not a single nasty. Your mileage may vary

 

i heard good things about GesWall

 

With the paid programs you have, you don't need GeSWall because it's basically the same as DefenseWall.

Returnil may be handy if you like to try new things like programs that don't need a reboot or let other people use your computer. Just use the Session Lock to virtualize your System partition and a reboot returns things to normal. I like to use it with Sandboxie when surfing rough seas .

 

RSpanky,

Here is my opinion.

Use DefenseWall paid. It is simply the strongest protection you can get without sacrifying functionality. It uses policy management (limits rights of untrusted objects, being files and programs in a transparent way). Policy managment is one of the oldest and strongest ways of security. It is build in a lot of Operating systems (Unix, XP - LUA, Vista - UAC and Win7 UAC in a more user friendly manner), it was the way to go on old mainframes for transacton processing and data base monitors (MVS/CMS/CICS/IMS/DB2/etc).

USe PrevX paid. Set all sliders to medium. Set heuristics AFTER age. This means that new arrivals will be checked (with medium settings is very strong). Since PrevX only focusses on new arrivals (and all objects are guarded by DW anyway), this is a nice way and low CPU load approach to check any new programs you might want to install.

Effect: DW keeps all malware paralised, it can do no harm even when it is on your PC. When you want to install a program, you have to set the executable/installer to a trusted state (with right click context menu). When you install this new arrival, PrevX will check with medium settings (problably higher than you have now, using the default). PrevX's combined heuristics/baehaviour/community guardance/blacklist will higher the threshold for malware to sneek into your system (when you set it as trusted, otherwise DW will stop it cold).

It is good practise to upload a program file before installing to VirusTotal. When you are uncertain, that is where Sandboxie comes in. Install the program in a SBIE Sandbox and keep it there for a month or so. When it behaves nicely, you can move it out of teh Sandbox and permantly add it to your setup.

Effect: by using SBIE on demand, you can try out software, without risking intrusion (when PrevX might miss it).

In short: a very safe setup you got there. Adding others only will add CPU load and very little security.

Regards Kees

 

Kees, a very interesting post, thank you.

Acadia

 

good explanation kees ''thanks''

 

I've seen where an installer (can't remember the name, and it was trustworthy) that simply would not install in SB, so I don't know if this is always a practical solution. Also, why a whole month before determining a program's behaviour? It should take only mere minutes or sooner to spot oddball behaviour.

 

Just an example, zero day or zero hour malware should be detected by most AV's after a few days/weeks, therefore the safe time span of a month.

 

Just do not run Sandboxie with GesWall.
I've learned from experiance that the two together spell trouble.
No knowledge with Returnil.
You do seam pretty well covered as it is with DW, SB and Px.

 

LoneWolfe we have similar security set up

 

Hmmm, so we do.
Nice, ain't it.

 

cool i know how secure you are indeed

 

Quote. Returnil + GesWall or Sandboxie: as already said, another layer of protection. I use GesWall and Returnil without problems.