Discussion in 'other anti-malware software' started by cheater87, May 11, 2008.
What programs should I uninstall or disable features of
IMO you have already have a lot of protection even without Sandboxie.
I think you can go without Spyware Terminator. Also maybe you should decide between Defence+ and Sandboxie.
I turned off Defense because I'm sandboxed.
You can also LOCK your data folders with Sandboxie, while you are surfing on the internet.
No malware or bad guy, including you on the internet is able to read or write or steal anything in these locked data folders.
This counts for all sandboxed applications.
DefenseWall HIPS, which is a policy-based sandbox, does the same thing for untrusted applications.
Cheater you can configure your sandbox so that nothing in the sandbox can get to your data. Also you can configure it so that only your browser can run in the sandbox, nothing else, and finally so that only your browser can access the net from the sandbox.
All I run is Sandboxie, OA paid, and I do run SSM as an add on to OA, but probably could do with out it. Thats it.
Hi cheater,Imo I think you made good choice and I think with sandboxie, not much else is needed other then a firewall and maybe your avast.
How do I lock folders
Open the GUI
Sandbox>Default box(or the name you chose)>Sandbox settings>Resource Access>File Access>Blocked Access
Then click Add and have at.
What do I pick
Just put the folders where you have personal data.
You can choose to block access to anything that may be personal or sensitive in nature. For example, I block access to my data partition. Just remember, if you block access to a file/folder, when you download something with Sandboxie, you can't recover to that location. What I do is recover the downloaded file to my desktop and run scans on the file and then manually move it to it's permanent location.
You can also run scans on the newly downloaded file while it's in the sandbox.
Edit: WSFuser beat me to it.
Great choice of protection cheater...
Check out wraithdu's rules for sandboxie, for not allowing anything to run in the sandbox, except the program you choose.
These rules have served me well and they are pretty restrictive.
Obviously, customize for your needs.
Will sandboxing just Firefox with Noscript be good enough
Ideally, you would sandbox anything that has access to the internet that is not just looking at or updating from specific locations. So, in that case, you be the judge.
Yes, don't worry about all the extra rules for now until you understand what Sandboxie does. If you want to tighten things up later then go for it.
If you do any financial transactions with the sandboxed browser, just remember to empty it before and after the transaction. Enjoy your new found protection and freedom .
I myself have 3 sandboxes:
1.- Firefox+NoScript sandboxed
(Only firefox and pdf viewer can run; only firefox can connect to the internet)
2.- IE sandboxed
(only IE can run)
3.- Every program that runs from USB or CD sandboxed by default
(no program can connect to the internet)
I also have it set with:
- Data partition locked
- Sandoxes delete automaticaly once all programs are closed
How can this be done? I know you need the paid version to use more than one sandbox, which I have. I would be very interested to learn about this. Is it similar to DW's option, or can it be, to run removeable devices as untrusted?
How do I have the sandbox delete when the apps are closed
Sandbox-defaultbox-Sandbox settings-Delete-Invocation and tick Automatically delete contents of sandbox then click apply.
As innerpeace said....Sandbox-defaultbox-Sandbox settings-Delete-Invocation and tick Automatically delete contents of sandbox then click apply.
Then use the below as a guide.
see the screenshots:
1.- blocking Internet Access:
2.- forcing programs:
(In order to be able to configure SBIE to force USB programs, you must connect an USB, so SBIE "sees" the folder -in this case f: and g:, I connected 2 USB drives at the same time, configured sandboxie and removed them)
Oh okay. I thought there was a way to configure SBIE to recognize portable variables; such as %\portableapps\ This will work too, but I'll just need to set everything up one at a time.
Hi, i guess its a remote case and your config. is oke but to be max. protected i should add the very restrictive Wraitdu rules to your .ini in case something hiyack your browser and can send out.
Separate names with a comma.