VoodooShield/Cyberlock

Kinda like this....Boom!

[Folder]

Enabled=y
ConfigLevel=7
AutoRecover=y
Template=BlockPorts
Template=LingerPrograms
Template=AutoRecoverIgnore
RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
RecoverFolder=%Personal%
RecoverFolder=%Favorites%
RecoverFolder=%Desktop%
NeverDelete=n
ForceFolder=C:\Users\Ken DeMuth\Downloads\Sandbox Folder
DropAdminRights=y
NotifyInternetAccessDenied=y
NotifyStartRunAccessDenied=y
ClosedFilePath=!<InternetAccess_Folder>,\Device\Http\*
ClosedFilePath=!<InternetAccess_Folder>,\Device\Nsi
ClosedFilePath=!<InternetAccess_Folder>,\Device\RawIp6
ClosedFilePath=!<InternetAccess_Folder>,\Device\Udp6
ClosedFilePath=!<InternetAccess_Folder>,\Device\Tcp6
ClosedFilePath=!<InternetAccess_Folder>,\Device\Ip6
ClosedFilePath=!<InternetAccess_Folder>,\Device\RawIp
ClosedFilePath=!<InternetAccess_Folder>,\Device\Udp
ClosedFilePath=!<InternetAccess_Folder>,\Device\Tcp
ClosedFilePath=!<InternetAccess_Folder>,\Device\Ip
ClosedFilePath=!<InternetAccess_Folder>,\Device\Afd*

 

a big woooo to that man can i use same set up?it looks good
i am not a pro with sandboxie how can i go to this locations to be change?

 

Of course buddy. All you have to do is open up you sandboxie.ini file and add this to it. Or you can just go into sandboxie, create a new sandbox labeled folder or whatever. Then go into setting, allow all things to run but disallow internet access to everything. You can also go into restrictions and tick drop rights.

 

THANK YOU

 

No problem.

 

Correct

 

So go to forced folders and add whatever folder you want...Restrictions>Internet Access>Block all programs...anything else?

 

Sandboxie has been set up that way on my computer for a couple of years, and no malware has bypassed it yet. All downloads get checked with an on-demand scanner before being moved out of the download folder.

 

Why make another folder? when you download with your browser it's going to stay in that sandbox until you recover it

 

It's the Download folder that is sandboxed. Is this what you are asking about? http://www.sandboxie.com/index.php?ProgramStartSettings

 

Yes if you have immediate recovery, like I do, then it gets recovered and out of the sandbox. I have the folder set up so anything that is recovered is still held in a sandboxed folder. Things are allowed to run but have no internet access. So if malware was able to self execute it wouldn't run far and wouldn't be able to call out.

 

Yes

Your browser isn't sandboxed?

 

Yes it has its own sandbox. You know that in the pro version of Sandboxie you can have more than one sandbox?

Dan I hope you don't feel your thread has been hijacked. On the plus side is that some of us think VoodooShield is a good match for Sandboxie.

 

Yea I have the paid version, but why create a special sandboxed folder for downloads?

 

Latest Emsisoft host rules (surf protection) is blocking VS website. I removed rule and reported as FP on their website.

 

Any comments about trying to run MBAE and VS together ?

- Why would anyone bother?
- Any known conflicts?
- Anyone doing this with success?

Any opinions welcome.

[PS - Apologies if this topic covered previously with now superseded versions. ]

-cheers,
feandur

 

I think so with the proviso that it hasn't found a way to thwart SB.

 

Is there any plan to sell VS with lifetime licenses?

What about include the whitelist in the program interface, doesn't make much sense to have it in the browser and also it requires internet connection.

 

I have just upgraded to Win 8.1 and the bug I have with VS opening slowly seems to have disappeared for the present. I have re-booted several times and it is consistent.

If you remember it was VMLite causing the slow down. It still runs when I need it but no longer seems to pre-load which it did before.

I am running 1.27 and appears to run ok with 8.1

 

Been running 1.27 in Win 8.1 pro for the last 3 weeks. The only thing that doesn't work sometimes is the virustotal lookup during the prompt. Also sometimes the allow button to acknowledge. Other than that it works great.

 

I do not mind at all, I like learning about Sandboxie, I think it is a great program!!!

 

@ G1111 and stapp

Cool, thank you for your help!!!

 

They work great together, but it is hard to find exploits on the web to test to be sure. I think in the end, as I understand it, there are a lot of similarities between the two with the exception of the following:

1. MBAE blocks payloads from exploits only, whereas VS blocks everything that is not on the whitelist while it is ON.

2. VS has the desktop shield gadget, toggling with the web apps and whitelist snapshot.

3. MBAE toggles ON to protect web apps, just like VS, but I hope it does not toggle OFF to learn new processes (and then back ON again when a web app is launched, while taking a snapshot to whitelist items). If this is true, then they are both utilizing an "Application Shielding" (a term coined by MBAE) feature that we first developed over 2.5 years ago.

Pedro insists that MBAE is not an AE, but ultimately what MBAE does is block payloads that are spawned from exploits, so maybe I am missing something. Whereas VS just blocks everything that is not on the tiny, customized whitelist that it automatically builds with its proprietary features.

I personally think it would be cool if VS had a feature similar to MBAE that specifically watched for exploits (as a secondary precaution), but it is certainly not necessary since VS just blocks everything.

 

Yeah, I would think it would be pretty much impossible to get around SB.