Virtual Sandbox

Discussion in 'other anti-malware software' started by Diprivan, Mar 25, 2006.

Thread Status:
Not open for further replies.
  1. Diprivan

    Diprivan Registered Member

    Joined:
    Mar 25, 2006
    Posts:
    66
    Has anyone tried Virtual Sandbox (www.fortresgrand.com)
    How does it compare to DefenseWall / Bufferzone / Sandboxie etc?
     
    Last edited by a moderator: Apr 12, 2006
  2. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,038
    Location:
    The Netherlands
    I have checked it out and I´m still playing with it but I didn´t like the fact that it could not display my IE favorites automaticly, plus I also don´t like to be prompted about if an unknown app should run normally or sandboxed. Overall it´s an interesting app which also runs quite smoothly but at the moment it does not seem to be the sandboxing solution I´m looking for. :rolleyes:
     
  4. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    Defensewall is mainly aiming for Internet Security - i e safe surfing, downloads and emailing.

    Outlook, IE and similar are untrusted = in the sandbox.

    I have added A: and D: to the untrusted for further sandbox-protection.

    I save docs, pictures - everything - into my docs - so have have put my docs into "secured files" so that info cant be stolen.

    Word, Excel - "normal programs" that you trust and that arent onto internet -except for updates (ie MSAS) - all those are trusted.

    No popups whatssoever. Support answers very quickly.

    I am not an expert about how DW works so you should visit there site which you probably did already.

    Cant compare cause I have only used DW and will stick to DW until it fails me.

    Best Regards
     
  5. Diprivan

    Diprivan Registered Member

    Joined:
    Mar 25, 2006
    Posts:
    66
    I personally have settled on DefenseWall. First of all the software is stable and simple to use. The developer is very responsive and is quick to issue bug fixes. However I am a relative newbee and in a poor position to judge the efficacy of this type of software. It still seems to me that DW should be a killer security app, but I am very surprised that it hasn't created more of a stir at Wilder's. It seems that the small hardcore of frequent posters aren't particularly taken with this Sandbox-HIPS approach. For my education it would be interesting to hear their thoughts on the matter.
     
  6. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Hi everybody!

    First of all, as about subject- well, there are a lot of problems with this program if you have more that one logical disk in the system. My IE couldn't start, for instance. Also, it uses ring3-hooks inside the protection engine that couldn't be accepted as a good practice. :)

    As about sandbox HIPS- the thing is that, originally, sandbox HIPS are for the regular (non-technical) users. As for the professional users (most of the Wilders posters)- they prefer classical HIPS and AV engines and, usually, don't discuss sandbox HIPS. I suppose, that there should came some time to change this situation.

    As about stir- I have a lot of my work with the new versions and compatibility issues (as I do right now!). I have no paid people, I don't think spaming forums with the posts like "look at my great super-puper software! BUY IT RIGHT NOW!" :) is a good idea.

    Now I concentrate on getting independent reviews to prove sandbox HIPS conception and DefenseWall itself as just a good and simple protective software for every users in the world! I believe that facts are much better then hollow words!
     
  7. Fernando Villegas

    Fernando Villegas Registered Member

    Joined:
    Dec 3, 2005
    Posts:
    55
    Location:
    Santiago de Chile
    Not paid in monetary terms. Perhaps. But paid in other ways.
     
  8. David50

    David50 Registered Member

    Joined:
    Apr 20, 2006
    Posts:
    3
    I am a developer working on Virtual Sandbox. We have fixed this issue. It should be in the online update in a couple of days. The fix also applies to Firefox, Opera, Netscape, AOL, Mozilla, and Avant browsers.

    This is not an easy one. Please, if you wouldn't mind, what behavior would you prefer when an unknown application is encountered?

    Reflecting your concern, the windows hook is separate from all Virtual Sandbox code implementing security. The hook here is an autonomous piece of code that simply displays the Virtual Sandbox system button on the caption bar of applications that are running in an isolated sandbox.
     
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,038
    Location:
    The Netherlands
    Hi David50,

    I guess I don´t like the current approach, I have my own idea about how a sandbox should work. I think that you should have the ability to add certain apps to the "sandbox list" these apps will always run sandboxed. Files downloaded via the browser should also run sandboxed with the ability to move them out if you trust a certain app.

    I do not want to be promted about all other apps, if I don´t add them to the list they should be able to run freely. I think DefenseWall and BufferZone come close to what I want. But BufferZone is a resource hog and DefenseWall´s GUI is simply ridiculous. :gack:

    And btw, on my virtual machine, the Virtual Sandbox configuration wizard is taking extremely long to complete, very frustrating. :thumbd:
     
    Last edited: Apr 21, 2006
  10. David50

    David50 Registered Member

    Joined:
    Apr 20, 2006
    Posts:
    3
    There is a “sandbox list”. There are actually four exclusive lists for applications, classifying how they should launch. In Virtual Sandbox parlance each known application has an assignable Treatment Option. The Treatment Options are:
    1. Start normally
    2. Do not allow to start
    3. Prompt the user
    4. Launch in Default Sandbox

    New programs that are downloaded (or copied or installed from removable media, etc.) are automatically placed in the “Prompt the user” list. (Except, new programs signed by a “trusted” publisher, are placed in the “Start normally” list.)

    Per your suggestion, we will add the ability, probably under the Options menu, to automatically assign newly downloaded programs to the “Launch in Default Sandbox” list.
    With respect to the configuration wizard, it has to search for executables and verify digitally signed files. We have tried to make it as fast as possible; unfortunately these operations take time and presently must be completed during the install. We will revisit the wizard to see if we can speed it up or defer certain operations.
     
  11. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I have one big problem with virtual protection in general.
    I just don't know against what I'm protected and against what I'm NOT protected.

    If I use a software like Faronic's Anti-Executable, I have at least a very good idea what it does.
    If I use any scanner, I've to guess what it does.
    If I use any sandbox, I've to guess what it does.
    Maybe that's the explanation for layered security : if you don't what some security softwares do, another software MIGHT do the job. :)
     
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,038
    Location:
    The Netherlands
    @ David50
    But that´s the thing, like I said, I do not like the current approach, I do not want Virtual Sandbox to do a startup scan, and I don´t want to be prompted about anything. The way it´s working right now is too intrusive. But I guess this app is not suited for me. ;)
     
  13. gderreck

    gderreck Registered Member

    Joined:
    Mar 17, 2005
    Posts:
    24
    This is directed to David. I have purchased the product. It does not allow anything to pass. That can be cumbersome but provides the best protection. I have a question. How do you create a custom sandbox. Typically for the default sandbox, I don't want internet access. But I do for IE. Also, if I'm going to run IE in a sandbox, I want it to be able to save favourites, cookies and add-ons (you'd probably want to be promted for downloaded program files). I don't want that to be general behaviour in the defaut box. My preference would be to have a restrictive default, and the ability to create a custom sandbox for certain apps. How do I do this? The help files is generally well thought out, but it either does not address this, or I saw it and didn't know it.

    Regards
     
  14. gderreck

    gderreck Registered Member

    Joined:
    Mar 17, 2005
    Posts:
    24
    PS
    You need a fourth option for each application: create a custom sandbox. In time, you should create default sandboxed for certain applictions: internet browsers, chat applications, etc.
     
  15. SDS909

    SDS909 Registered Member

    Joined:
    Apr 8, 2005
    Posts:
    333
  16. stewieg

    stewieg Registered Member

    Joined:
    May 24, 2006
    Posts:
    3
    I disagree. I tested both of these programs out, and I found sandboxie to be a bit overrated. For one thing, the interface wasn't very navicable or intuitive IMOHO. And any of the "features" that it had, you had to register for it to activate any of that. I just didn't like the feel of it very much. I wasn't sure what was going on behind the scenes to know whether anything or not was trying to compromise my computer. I felt that it was too easy to accidently "approve" (is that the right word?) potentially malicous executables.

    After I tested that out, I used virtual sandbox and found it to be exactly what I needed. I agree with gderrek in that I'd like for my favorites to be saved, so if david50 is listening, do you guys plan to add this feature anytime soon?

    Even though virtual sandbox prompts all of the time for any new "unknown" program that is trying to run, I sort of like that part about it in the sense that if I don't know about it, I'd like to see what it's all about before I let it run freely. I agree that it was a bit annoying at first, but after you get it configured, and get the general things out of the way via digital signature trusting, etc., it has been running smoothly ever since. I also liked the sandbox explorer portion so I could see exactly what each sandbox was trying to do. Alright, I've rambled enough.
     
  17. David50

    David50 Registered Member

    Joined:
    Apr 20, 2006
    Posts:
    3
    This is a typical developer response, but anyway…Version 1.1 easily supports multiple sandbox configurations. It is a free upgrade and should be out at the end of next week.

    There is a way to accomplish what you want with your current version by using the command line tool, FGVSCMD.EXE. It can create custom sandbox configurations on the fly. This is sparsely documented in the help file. Just as an example though, to spark up a sandbox with Internet access running IE (starting at the page www.WildersSecurity.com) you could issue the command:

    C:\Program Files\Fortres Grand\Virtual Sandbox 1.0\FGVSCmd –bij –f C:\Windows –f “C:\Program Files” www.WildersSecurity.com

    Typical response again…Version 1.1 provides an option to map your actual favorites and cookies into the synthetic, and otherwise empty, user profile created for each sandbox.
     
Loading...
Thread Status:
Not open for further replies.