What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Quassar

    Quassar Registered Member

    Joined:
    Oct 19, 2011
    Posts:
    193
    Location:
    Poland
    Last edited: Jan 23, 2013
  2. merisi

    merisi Registered Member

    Joined:
    Dec 17, 2012
    Posts:
    316
    Amit, I'm interested in what the correct way is to configure Sandboxie? I thought it was pretty much ok as it is with 64 bit protection and auto delete or have I missed out on something?
     
  3. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,981
    Location:
    Nicaragua
    You can run Windows Explorer sandboxed, what we should not do is force Windows Explorer to run sandboxed. If you try to force Windows Explorer, SBIE gives the message that doing so is not recommended. If you force WE, you will get errors. On the other hand, Sandboxie allows you to sandbox Explorer to navigate to files.

    If you go to the Sandboxie menu in Start, you will see an option there to open WE sandboxed. If you click on it, WE will attempt to open in your default sandbox, but if you are using a restricted default sandbox, Explorer won't open. So, you can either right click on WE and choose to run it in another sandbox or, to make it easier, you can create a sandboxed shortcut for it and place it on your desktop or taskbar. I have mine in the taskbar and I use it occasionally. Even though I am using the paid version, using a sandboxed Windows Explorer comes in handy sometimes.

    If you'd like to create a shortcut for Explorer, create a new sandbox and name it something like WE. I disabled internet access and allowed all programs to run on mine. Then follow the instructions from the link on how to create the shortcut.

    http://www.sandboxie.com/index.php?ConfigureMenu#shell

    Bo
     
  4. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,981
    Location:
    Nicaragua
    The correct way to configure SBIE depends on what you are going to use Sandboxie for. In my opinion, the default sandbox is strong as it is; it is set up by Tzuk in a way that makes it easy to use for people that just started using SBIE. Again, in my opinion, when people start using SBIE, for the first few weeks or months the new user should use a default sandbox until they get a good feeling of how the sandbox works.

    I see a lot of people start restricting the sandbox right away after installing SBIE for the first time and then when they start getting a bunch of messages from SBIE, they think that SBIE is not working properly when that is not the case.

    By the way, I do believe that the default setting of the default sandbox is well balanced in the sense that it is secure and comfortable to use. If I was you, I would just change three settings at this time. Make sure the sandbox deletes on closing, set recovery so you can save files and allow bookmarks to be saved out of the sandbox.

    Later, when you get a good feel about SBIE, create more sandboxes and use the restrictions on the ones that can be restricted without interfering with usability. Sandboxie is very easy to use but you should read about it. There is plenty of information on this forum and at the Sandboxie forum.

    Bo
     
  5. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,974
    Location:
    Parallel Universe
    @merisi
    Well Bo explained very nicely. :):thumb:
     
  6. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    I also needed several months to learn how to configure SBIE.
     
  7. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    OK, big thanks, I just remembered that ssj100 has shown on youtube how to sandbox WE, and it is basically exactly what you said, I will look for it, but also take a look at this link you gave me.
    Big thanks.
     
  8. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    How exactly does WinPatrol Plus protect my computer system? I installed it and I don't know what to do with it. I see many people here use WinPatrol Plus, why?
    I want to try it myself, but I don't know what to do with it.
     
  9. Arcanez

    Arcanez Registered Member

    Joined:
    Oct 5, 2011
    Posts:
    404
    Location:
    Event Horizon
    I think it should be like a HIPS basically, so it should tell you about any changes on your computer. The main difference between the paid and the free version is that the paid version is proactive and the free version just reactive, so WinPatrol PLUS should be HIPS (prevention) whereas WinPatrol free should be HIDS (detection). I'm not quite sure though :isay:
     
  10. merisi

    merisi Registered Member

    Joined:
    Dec 17, 2012
    Posts:
    316
    Thanks Bo. I have been using Sandboxie for over a year so I'm quite embarrassed to find out there is more to it than I realised but I've been learning a lot on Wilders in the last month.

    I think I'll create a new Sandbox to tweak around with things before I lock any configurations but I will do as you suggested and read up on this first.
     
  11. De Hollander

    De Hollander Registered Member

    Joined:
    Sep 10, 2005
    Posts:
    718
    Location:
    Windmills and cows
    After a couple of years of absence, back to my signature. :thumb: :D
     
  12. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,981
    Location:
    Nicaragua
    CWS :cool:, you are welcome.
    You know, actually, you shouldn't feel embarrassed by using SBIE the way you have so far because now you know that SBIE works well just the way it comes out of the box. Your confidence in Sandboxie should be greater now than it was early today; you have been using SBIE on default and you haven't been infected. You don't need to hear from anyone telling you that SBIE works great on default, and now when you start to make restrictions in your sandbox, if SBIE behaves differently than it has in the year that you used it or if you get a message from SBIE, you'll know that it is related to the changes you made and is not an error.

    Bo
     
  13. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Just because programs recommend having that much physical memory in place doesn't mean they'll use it all. They're assuming you'll of course have other stuff on there too and taking that into consideration.

    If you want a true outbound firewall, LooknStop IMO is your best bet. It's the lightest outbound FW I've ever seen. Yes, it is paid. And no, it hasn't been updated in ages. But it's just what your low spec box needs if you want a true outbound FW.

    Personally, back when I ran with 1 GB of RAM (not long ago at all) my setup was plenty snappy with Comodo FW & D+ on it. And I even used a real-time AV then too (Avira- File Guard only). I can't see it slowing down your box much, if at all, even with 1 gig.

    If you don't want a full blown HIPS but find the functionality in WinPatrol useful to you, then yes it's ideal for you.

    If you're a Firefox user you may also want to look into the VT Hash Check/Download Statusbar method, as an alternative to a real-time AV. Of course you could just use VT Hash Check to shell (right click) scan files before recovering them from SBIE too. If you don't download things often it's not much convenience lost. And 1 less thing to allow in SBIE restrictions.

    Also you should definitely not have to disable the Windows (XP) FW on account of anything, including Malware Defender. I've yet to meet an app it will conflict with. And if you feel confident that everything on your box is clean & trustworthy, and have an image(s) handy, then heck... roll with just the XP FW + router (if you have one). Doesn't get lighter than that. That method Bo mentioned to sandbox removable drives/USB ports will help cover vectors otherwise lost too. As will WinPatrol if you decide to stick with it.

    If you use XP Pro there's a tweak to harden it via a GP edit I posted in the FW forum some time ago. Should be on page 2 or 3, not too far buried. Titled: "How to harden XP Pro FW"... or something like that. It might make you sleep better at night ; )
     
    Last edited: Jan 23, 2013
  14. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    Well, I've been surfing even on dangerous websites without the Windows XP firewall, but with my router's firewall, and still nothing has been able to penetrate it (that's how good it is); however, I still decided to use the Windows XP firewall.

    I don't know if the newest Comodo Firewall version will work on my 1 gigabyte of RAM, but honestly I don't need it. My computer system is 100% clean, I reinstall it every 3 months, from scratch.
    I use configured paid Sandboxie.
    I don't need anything else, at least not on this computer.

    Is it possible to tweak via GP edit? Sorry, I don't understand what this means, but I'd like to know what you mean, I'll try to find it...
     
  15. merisi

    merisi Registered Member

    Joined:
    Dec 17, 2012
    Posts:
    316
    When you put it like that you're absolutely right Bo, SBIE has protected me and stopped me from having any problems, bearing in mind my AV until recently was McAfee. I have made a few changes to SBIE because I have numerous sandboxes for different tasks and I just modified them in settings so only the one program I want running is allowed and that certain browsers are automatically sandboxed but I can change bookmarks. I never knew I could do half this stuff and I must admit I like SBIE even more.
     
  16. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,683
    That's the last version "xiaolin" developed before turning MD over to 360Labs (and also going to work for them).
    I don't believe there is much difference between 2.6 and the most current version, only cosmetic changes such as a new tray icon.
    Besides, 2.6 is bought and paid for here and runs without issues.
     
  17. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,742
    Location:
    Canada
    Malware Defender :thumb:
     
  18. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,683
    I'm using version 3.76

    I have XP firewall on with MD running, no conflicts here.
     
  19. DX2

    DX2 Guest

    Switched Comodo FW out for LNS 64b. Comodo was messing up my wifi connection, kept losing connectivity.

    MBam for OD
     
  20. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,964
    Location:
    Poland - Cracow
    OK...thanks for explanation :thumb:
     
  21. zitch

    zitch Guest

    I am "outed"...:ninja:
     
  22. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    First, you need to be running the Pro version of XP to be able to utilize it. If you are... the thread is actually all the way back on Page 5. I didn't realize there were that many new threads in the FW section since then.

    Also, I wasn't recommending you use v6 of Comodo FW at all. Go with version 5.10, if at all. But I agree you'll be fine without it.

    I highly recommend VT Hash Check as either an on demand scanner, to hit things up before recovering them from SBIE... or in the manner I suggested if you're a Firefox user for footprint free automatic scanning of new downloads.

    GP = Group Policy... only available on the Pro version of XP. To get in there enter "gpedit.msc" (without the quotes) into the "Run" box.

    I like your setup
     
  23. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Nice setup

    :D :thumb:
     
  24. VectorFool

    VectorFool Registered Member

    Joined:
    Oct 21, 2012
    Posts:
    280
    Location:
    India
    Ha ha
    am a comics fan myself :D
     
  25. nikanthpromod

    nikanthpromod Registered Member

    Joined:
    Oct 9, 2009
    Posts:
    1,369
    Location:
    India