What free Sandboxe should I use ?

Discussion in 'other anti-malware software' started by HoLmEc, Jan 18, 2005.

Thread Status:
Not open for further replies.
  1. HoLmEc

    HoLmEc Registered Member

    Joined:
    Sep 30, 2004
    Posts:
    17
    Hi ppl I wonder if you could recommend me a good sandboxe program .. I already have running on-scan NOD32, BOCLEAN, Look'n'Stop (+proxomitron & firefox) .. and on-demand, once a month I run KAV on safe-mode .. I also have Microsoft AntiSpyware & AdAware .. everything running on Windows XP SP2 updated. Now I need a sandboxe program, but I would like one that is free cos i already have many programs

    I tested PrevX but I didnt like it, it slowed down my pc

    does the author of System Safety Monitor intends to turn it a shareware ? If so, then one less option for me :( Does it protect against process modification/registry dll injection/rootkit,driver,service installation/global hooks ?

    Thanks in advance
     
  2. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    It has been quite a while and he has NOT turned that into any type of pay ware. It is quite an impressive product and I've followed it for a long time. If 'free' and 'sandbox' is your concern, then that product is worth keeping!
     
  3. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    you can check hereon SSM
     
  4. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    SSM and ProcessGuard are really your only two options for a free sandbox/system firewall. PrevX is a different type of program and can't really be compared with SSM or ProcessGuard. From what we know the author of SSM has indicated that he was going to make a shareware version, but when that will be I don't know, and I'm not sure if there'll still be a free version but if you drop the author an email I'm sure he'll give you some info about that.

    ProcessGuard is the only program available that properly secures all of the above. There's a free version available for home users, although it doesn't have all of the features of the full version yet still provides some extremely powerful security (including controlling which programs can/can't run, and protecting applications from termination, modification, suspension, viewing, and other related process attacks). Both Jason and myself have spent nearly the last two years researching the Windows kernel and developing ProcessGuard fulltime, if that gives you any idea of how far ahead it is :). We've gotta say it's nice to be in contact with the SSM author - he's one of the few programmers that truly understands how difficult both the research and development can be

    Best regards,
    Wayne
     
    Last edited: Jan 18, 2005
  5. kareldjag1

    kareldjag1 Guest

    Hi,

    The only free sandboxes that i know are AbtrusionProtector, SSM, and also Winsonar.
    ProcessGuard is not the more exhaustif sandbox, but surely the more powerfull.

    There's a less well known product called Viguard (more famous in France because of some polemics).

    ***Infection System Prevention (with sandbox):

    *ProcessGuard

    *Viguard: http://www.viguard.com/en/prods_en.php

    *AbtrusionProtector: http://www.abtrusion.com/

    ***Firewall Apllication (with integrity control):

    *SystemSafetyMonitor

    *Safe'nSec : with a virus scaner;more precise than SSM. http://www.star-force.com/computer_security/security.phtml?c=249&new_prod_red=ok/
    (...)

    ***Intrusion System Prevention

    *Prevx: http://www.prevx.com

    I've submited these softs and some others to various attacks (dll injection, process termination...) and even for APIHooks(by a dev.'s friend).

    And i have to admit that PG is the more efficient because it's very difficult to corrupt(perhaps by spoofing the MD5 integrity checker).

    SSM is more vulnerable and does not impressed me.But have a good protection of the registry.

    Viguard is actually tested by a friend.It's auto-protection is less efficient than the PG one.


    Best Regards
     
  6. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    I am afraid I do not understand what you mean by "registry dll injection". Is that a typo? Dll injection don't seem to have anything to do with registry. Do you mean you want protection from dll injections plus protection from unwanted changes to your registry?
    -hojtsy-
     
  7. capt.hook

    capt.hook Guest

    Isn't Sandboxie only useable with IE? What if you use another browser type? I never touch IE.
     
  8. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio

    I don't think HoLmEc means sandboxie. I think HoLmEc wants to know about sandbox program.
     
  9. *xavier*

    *xavier* Guest

    TPF has sandbox features that are very powerful, but not easy to figure out for the average user. Tiny did also, at one time, have TTT (Tiny Trojan Trap) which could be used along with any firewall, I wish they still had it available, it would be fun to experiment with it.
     
  10. Bowserman

    Bowserman Infrequent Poster

    Joined:
    Apr 15, 2003
    Posts:
    510
    Location:
    South Australia
    From the ProcessGuard help file:


    Regards,
    Jade :).
     
Loading...
Thread Status:
Not open for further replies.