Sandboxie, Returnil or GeSWall?

Discussion in 'other anti-malware software' started by RSpanky, Jun 26, 2009.

Thread Status:
Not open for further replies.
  1. RSpanky

    RSpanky Registered Member

    Joined:
    Feb 27, 2009
    Posts:
    220
    Location:
    Arizona, USA
    I have Sandboxie Paid, DefenseWall Paid and Prevx 3 Paid. Would there be any advantages using Returnil or GeSWall free with my setup?
     
  2. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293

    Sandboxie + Returnil :thumb:
     
  3. RSpanky

    RSpanky Registered Member

    Joined:
    Feb 27, 2009
    Posts:
    220
    Location:
    Arizona, USA
    Could you please tell what the advantages would be?
     
  4. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Just another layer, although an excellent one. I run Sandboxie paid with Returnil free. SB you only need to buy once, Returnil you need to repurchase every year so for that reason alone I use the freebie.

    Acadia
     
  5. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    Simple,

    With Sandboxie and Returnil, that's all you need! Something doesn't go right, reboot, you're back in business, keep things simple!
     
  6. RSpanky

    RSpanky Registered Member

    Joined:
    Feb 27, 2009
    Posts:
    220
    Location:
    Arizona, USA
    Should I use Disk or Memory? Not sure which I should use.
     
  7. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    Memory
     
  8. RSpanky

    RSpanky Registered Member

    Joined:
    Feb 27, 2009
    Posts:
    220
    Location:
    Arizona, USA
    Boost, are you using Returnil? I don't see it in your sig.
     
  9. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    Was using it up till this week :argh: I got a chance to try out Deep Freeze, which basically does the same thing as Returnil.

    I never had any problems, or regrets using Returnil :thumb:
     
  10. RSpanky

    RSpanky Registered Member

    Joined:
    Feb 27, 2009
    Posts:
    220
    Location:
    Arizona, USA
    OK, thanks. I'm off to play my softball game.
     
  11. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    Nail a home run or two :thumb:

    Later, I'm out to watch Transformers 2 :thumb:
     
  12. RSpanky

    RSpanky Registered Member

    Joined:
    Feb 27, 2009
    Posts:
    220
    Location:
    Arizona, USA
    Have a good show
     
  13. cp4eva

    cp4eva Registered Member

    Joined:
    May 26, 2007
    Posts:
    127
    Location:
    TX
    I've been running GeSWall with only Prevx Edge (since it was released) and have had 0 problems and not a single nasty. Your mileage may vary :)
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    I heard good things about GeSWall.
     
  15. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    With the paid programs you have, you don't need GeSWall because it's basically the same as DefenseWall.

    Returnil may be handy if you like to try new things like programs that don't need a reboot or let other people use your computer. Just use the Session Lock to virtualize your System partition and a reboot returns things to normal. I like to use it with Sandboxie when surfing rough seas :D.
     
  16. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    RSpanky,

    Here is my opinion.

    Use DefenseWall paid. It is simply the strongest protection you can get without sacrificing functionality. It uses policy management (limits rights of untrusted objects, being files and programs in a transparent way). Policy management is one of the oldest and strongest ways of security. It is built into a lot of operating systems (Unix, XP - LUA, Vista - UAC and Win7 UAC in a more user friendly manner), it was the way to go on old mainframes for transaction processing and database monitors (MVS/CMS/CICS/IMS/DB2/etc).

    Use PrevX paid. Set all sliders to medium. Set heuristics AFTER age. This means that new arrivals will be checked (with medium settings is very strong). Since PrevX only focusses on new arrivals (and all objects are guarded by DW anyway), this is a nice way and low CPU load approach to check any new programs you might want to install.

    Effect: DW keeps all malware paralysed, it can do no harm even when it is on your PC. When you want to install a program, you have to set the executable/installer to a trusted state (with right click context menu). When you install this new arrival, PrevX will check with medium settings (probably higher than you have now, using the default). PrevX's combined heuristics/behaviour/community guardance/blacklist will raise the threshold for malware to sneak into your system (when you set it as trusted, otherwise DW will stop it cold).

    It is good practice to upload a program file before installing to VirusTotal. When you are uncertain, that is where Sandboxie comes in. Install the program in a SBIE Sandbox and keep it there for a month or so. When it behaves nicely, you can move it out of the Sandbox and permanently add it to your setup.

    Effect: by using SBIE on demand, you can try out software, without risking intrusion (when PrevX might miss it).

    In short: a very safe setup you got there. Adding others only will add CPU load and very little security.

    Regards Kees
     
    Last edited: Jun 27, 2009
  17. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Kees, a very interesting post, thank you. :cool:

    Acadia
     
  18. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Good explanation, Kees, ''thanks'' :)
     
  19. wat0114

    wat0114 Guest

    I've seen where an installer (can't remember the name, and it was trustworthy) that simply would not install in SB, so I don't know if this is always a practical solution. Also, why a whole month before determining a program's behaviour? It should take only mere minutes or sooner to spot oddball behaviour.
     
  20. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Just an example: zero day or zero hour malware should be detected by most AVs after a few days/weeks, therefore the safe time span of a month.
     
  21. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Just do not run Sandboxie with GeSWall.
    I've learned from experience that the two together spell trouble.
    No knowledge with Returnil.
    You do seem pretty well covered as it is with DW, SB and Px.
     
  22. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    LoneWolf, we have a similar security setup ;) :thumb: :thumb:
     
  23. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Hmmm, so we do.
    Nice, ain't it.
     
  24. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Cool, I know how secure you are indeed ;)
     
  25. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,433
    Location:
    Europe
    Quote. Returnil + GeSWall or Sandboxie: as already said, another layer of protection. :thumb: I use GeSWall and Returnil without problems.
     