Sandboxie with SD: help

Discussion in 'sandboxing & virtualization' started by marse.robert, Jul 13, 2012.

Thread Status:
Not open for further replies.
  1. marse.robert

    marse.robert Registered Member

    Joined:
    Nov 3, 2004
    Posts:
    255
    Location:
    Langar: Nottinghamshire: UK
    Hi all

    I liked the look of Sandbxie so I purchased it. I liked the look of Shadow Defender so I purchased it.

    I installed Sandboxie and the result was perfection. I installed Shadow Defender on another machine and the result was perfection.

    I read on these pages that Sandboxie and SD work well together, and in my inexperience, is this not overkill? If I run these two applications in tandem: Sandboxie clears anything that my Web activities, and when I reboot SD returns my OS to its previous state - am I correct?

    Regards

    Marse
     
  2. Blues7

    Blues7 Registered Member

    Joined:
    May 11, 2009
    Posts:
    858
    Location:
    Blue Ridge Mountains
    I use Sandboxie and Shadow Defender in tandem on my wife's machine.

    The beauty of using them together (imho) is that Sandboxie adds the ability to enforce certain policy restrictions to your usage and activity whereas SD will only restore (upon reboot) to the prior state and health of your system.

    So if, for example, you are concerned about potential keyloggers running or processes connecting out while running your browser or other internet facing apps, you can restrict those (and other) activities for any apps running within the sandbox. You can also prevent programs and processes running in the sandbox from accessing private data from any number of apps or documents.
    When you delete the sandbox (if you choose to automatically delete) any potential issues/malware encountered are flushed as well.

    SD is a great program but in itself does not limit the activities of the apps you run nor the ability of your data and privacy to be compromised...thus it is a great layer in your system security as well as an effective line in the sand beyond which you can have confidence that your system will be restored to its prior state.

    As mentioned, in my wife's setup I run them in tandem with the only other real-time app being PrivateFirewall for the security it provides as a firewall/HIPS/anti-logger.

    It all just depends on your own particular security needs.
     
    Last edited: Jul 13, 2012
  3. Blues7

    Blues7 Registered Member

    Joined:
    May 11, 2009
    Posts:
    858
    Location:
    Blue Ridge Mountains
    One practical way of using the two apps in concert is to create a "downloads" folder on your desktop to which any apps, images, files etc. are sent while browsing.

    "Force" this folder to run within one of your Sandboxie sandboxes.
    This will enforce a rule that any application starting from within this folder will automatically be sandboxed.

    Additionally, add that downloads folder to the "exclusion list" in Shadow Defender to automatically allow anything placed within that folder to survive the reboot. This way, for example, if you download an app you want to install when you leave "Shadow Mode", it will still be available to you.

    The beauty of the setup is that even though you are now out of Shadow Mode, the app still does not have access to your "real" system (due to Sandboxie) until you decide to install it there following your tests (within Sandboxie) or scanning it with whatever AV / Anti-Malware apps you choose to make use of.
     
  4. The Shadow

    The Shadow Registered Member

    Joined:
    Jan 24, 2012
    Posts:
    814
    Location:
    USA
    Hey Blues, how's it going?

    You just interested me in possibly adding Sandboxie to my setup (along with SD). Can you point me to a good tutorial on how to use it?

    Regards,
    TS
     
  5. Blues7

    Blues7 Registered Member

    Joined:
    May 11, 2009
    Posts:
    858
    Location:
    Blue Ridge Mountains
    TS, glad to be able to return the favor. :cool:

    This link should get you started with the essential info...the rest (and I'm far from an expert) comes as you get more familiar with the possibilities this great software has to offer.
     
  6. The Shadow

    The Shadow Registered Member

    Joined:
    Jan 24, 2012
    Posts:
    814
    Location:
    USA
    Blues, ty
     
  7. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Sandboxie Alone is amazing,adding Shadow Defender is like a maximum security prison inside another maximum security Prison.:D
     
  8. The Shadow

    The Shadow Registered Member

    Joined:
    Jan 24, 2012
    Posts:
    814
    Location:
    USA
    ...with relatively little resources! ;)
     
  9. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Yes sir.
     
  10. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Very well put. :thumb:
     
  11. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    I also use them together and they work great. The beauty of Sandboxie for me is that I can test suspect apps, and just by browsing the sandbox folder I can safely see at a glance what changes would have been applied to the real system if the program was to run outside the sandbox.
     
  12. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Thanks LoneWolf
     
  13. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    Nice! To complete the picture how are you going to tell who is guilty or innocent?
     
  14. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Good question,I will put it this way, If any thing breaks out I will take the blame. I can't Imagine anything escaping on its own.Its always possiable but highly unlikely.
     
  15. Flexigav

    Flexigav Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    57
    Location:
    Australia
    With SD alone, when a new application under test requires a reboot as part of its' installation, you would have to exclude it from SD deletion when rebooting or you will lose it! Excluding it means it will start automatically as part of the reboot process and even if SD is set to be invoked automatically at bootup, I can never be sure if SD is in place before the program being installed!

    I think you guys are onto something good here, even if SD will keep a new installation in its' protective shield for continued observation after an installation reboot requirement, this double layer with Sandboxie gives further peace of mind, knowing for sure that it won't start after the reboot, free in your real environment.

    I am happy to know they work well together :thumb:
     
  16. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    SB with SD is a killer Combo: Ultra Light yet ultra Effective!
    Running them for about one year. :thumb:
     
Loading...
Thread Status:
Not open for further replies.