Sandboxie: What do you sandbox, other than your browser?

Discussion in 'sandboxing & virtualization' started by Tyrizian, Jun 29, 2013.

  1. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    In my setup, I sandbox my browsers and I sandbox software that I want to test.

    What else could benefit in the sandbox?

    This is currently what I have, but I know I could add more...I'm sure.

    InMySandbox.jpg

    What do you sandbox in yours and why?

    I ask, because this can give me some idea's on how to better utilize Sandboxie.

    Thanks
     
  2. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    You can sandbox just about any program and some other items:

    1. PDF reader
    2. Media Player
    3. CD/DVD RW/ROM drives
    4. Drive Letters
    5. Downloads folder
     
  3. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    I know I can, but am wondering if anyone else does it different than me, and if they do, what configuration do they have in place.

    If I were to add anything from your list, the most important one would be #4

    Do you configure yours for Flash drives and such?

    If so, any special way you like to do it?
     
  4. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
    Excellent thread! A learning thread for me!

    Best regards,
     
  5. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    Only my browsers here (Chrome and IE10), any other situation I find it easier to use Shadow Defender.
     
  6. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Any internet accessing app, CD/DVD drive and usb flash drive
     
  7. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    Apart from my browser I also have a sandbox called Media that manages the (many) torrent downloads I make.
    I created two forced folders to where Utorrent sends the finished files, I force run my media players (the only programs that can run inside that sandbox) and there's no internet access allowed.
     

    Attached Files:

    • s1.PNG
      s1.PNG
      File size:
      29 KB
      Views:
      1,319
    • s2.PNG
      s2.PNG
      File size:
      43.4 KB
      Views:
      1,348
    • s3.PNG
      s3.PNG
      File size:
      39.6 KB
      Views:
      1,334
    • s4.PNG
      s4.PNG
      File size:
      46.1 KB
      Views:
      1,330
    • s5.PNG
      s5.PNG
      File size:
      46.2 KB
      Views:
      1,320
  8. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    I sandbox(Sandboxie) my browsers and outlook all the time. These sandboxes have specific lists of what can run in them and what can access the internet.

    I also have a sandbox with no restrictions on what can run, but with internet access. That way if say I want to sandbox a particular PDF file, I just right click it and run it sandboxed.

    I do not install anything in the sandbox, as it I don't feel it's a test bed. For that I use either FDISR, or a VM machine.

    Pete
     
  9. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,827
    Location:
    USA
    I can have Thunderbird sandboxed if I suspect it might be infected so I can open it up an read it if necessary..
     
  10. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    I'm thinking I should add drive letters, and my E-mail client, rather than just browsers and installs.

    Now, I feel like I'm using Sandboxie to it's full potential :thumb:
     
  11. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    What i love about sandboxie is the fact that the free version is secure and extremely usable and the paid version gives you something which is genuinely useful like the forced folder option etc.

    I think ronen has done an exceptional job with this program and deserves some form of financial reward seeing as he has done so much work with this.:thumb:
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    Be careful. If you force the c: drive you can lock your self out your system.

    Ask yourself what is point of adding drive letters unless they are CD's or USB drives.

    Pete
     
  13. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    I only have drive F-Z sandboxed. That should be mostly anything I attach like a USB or portable HD. Anything internet facing gets sandboxed. Download folder is very restricted. Nothing much running in there.
     
  14. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806

    I should have been more detailed in my previous post, sorry about that.

    I'm not going to Sandbox my C: Drive, just portable USB Flash Drives is what I meant.
     
  15. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    Do you have a particular way that you do this?

    Is it as simple as right clicking on the drive and tell it to "Run Sandboxed", or do you have a configuration in place?

    I haven't sandboxed a drive in Sandboxie yet, which is why I ask.
     
  16. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    yeah it's configured. Kinda something like this.....Boom!

    [USB]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=BlockPorts
    Template=LingerPrograms
    Template=Firefox_Phishing_DirectAccess
    Template=AutoRecoverIgnore
    RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
    RecoverFolder=%Personal%
    RecoverFolder=%Favorites%
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF,ttl
    ForceFolder=Z:\
    ForceFolder=Y:\
    ForceFolder=X:\
    ForceFolder=W:\
    ForceFolder=V:\
    ForceFolder=U:\
    ForceFolder=T:\
    ForceFolder=S:\
    ForceFolder=R:\
    ForceFolder=Q:\
    ForceFolder=P:\
    ForceFolder=O:\
    ForceFolder=N:\
    ForceFolder=M:\
    ForceFolder=L:\
    ForceFolder=K:\
    ForceFolder=J:\
    ForceFolder=I:\
    ForceFolder=H:\
    ForceFolder=G:\
     
  17. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    Sweet, thank you very much...This will definitely help, I appreciate it :thumb:
     
  18. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    I sandbox just about every program or file that I run in my computers. Each sandbox is tailored according to the program or the purpose for which it was created. This are the sandboxes that I am using in my XP, they cover pretty much everything that I do when I use the XP.

    Bo
     

    Attached Files:

  19. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    Rather than doing that would it not be far better to just use something like shadow defender or returnil...:)
     
  20. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    In my USB drives sandbox, all programs are allowed to run and none is allowed to have internet access. The sandbox is set to delete on closing and personal folders and files are blocked from being accessed by programs running in the sandbox. Thats it for that one.

    Bo
     
  21. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Personally, I love SD or any of the other LV programs that I used in the past but for me, they are great for trying programs or trying changes in the PC. I don't use them for security.

    Bo
     
  22. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    Ok, I added my USB Drive letters to "Forced Folders" and this is the config I get...

    [USB]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=Firefox_Phishing_DirectAccess
    Template=LingerPrograms
    Template=BlockPorts
    RecoverFolder=%Desktop%
    RecoverFolder=%Favorites%
    RecoverFolder=%Personal%
    RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
    BorderColor=#00FFFF,ttl
    ForceFolder=I:\
    ForceFolder=H:\

    So far, I am very pleased how well this is working.
     
  23. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    I added my drive letters, but what is your config for the above? I would like to restrict internet access as well, for those USB Drives.
     
  24. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    Go to Sandbox settings>Restrictions>Internet access, select "All programs can access the internet" and click remove, apply.

    Bo
     
  25. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    Thank you very much, shows how much I explore through the options hahaha :D

    I think this worked

    Does this look about right?

    [USB]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=Firefox_Phishing_DirectAccess
    Template=LingerPrograms
    Template=BlockPorts
    RecoverFolder=%Desktop%
    RecoverFolder=%Favorites%
    RecoverFolder=%Personal%
    RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
    BorderColor=#00FFFF,ttl
    ForceFolder=I:\
    ForceFolder=H:\
    NotifyInternetAccessDenied=y
     
Loading...