[H] Sandboxie
Has anyone tried this software? The concept looks good. http://www.sandboxie.com/ -- Best Regards, Zulfiqar Naushad
Re: [H] Sandboxie
I use it often. Comes in very handy in testing software I'm unsure of. --Original Message-- From: Naushad Zulfiqar Sender: hardware-boun...@hardwaregroup.com To: hardware@hardwaregroup.com ReplyTo: hardware@hardwaregroup.com Subject: [H] Sandboxie Sent: Jul 4, 2009 11:58 AM Has anyone tried this software? The concept looks good. http://www.sandboxie.com/ -- Best Regards, Zulfiqar Naushad Sent via BlackBerry
Re: [H] Sandboxie
Just what I wanted to hear. Will install it now. --Original Message-- From: tmse...@rlrnews.com Sender: hardware-boun...@hardwaregroup.com To: hardware@hardwaregroup.com ReplyTo: hardware@hardwaregroup.com Subject: Re: [H] Sandboxie Sent: Jul 4, 2009 8:16 PM I use it often. Comes in very handy in testing software I'm unsure of. --Original Message-- From: Naushad Zulfiqar Sender: hardware-boun...@hardwaregroup.com To: hardware@hardwaregroup.com ReplyTo: hardware@hardwaregroup.com Subject: [H] Sandboxie Sent: Jul 4, 2009 11:58 AM Has anyone tried this software? The concept looks good. http://www.sandboxie.com/ -- Best Regards, Zulfiqar Naushad Sent via BlackBerry
Re: [H] Sandboxie
Zool, I have it; have kept it up to date, but have never tried it yet! Sandboxie.com comes highly suggested on the ESET/Wilders security forums. However, I suspect that many/most of the shares on this forum might have bigger "tin-hats" than I. I just do not know. Much of this "virtual" area stuff still leaves me scratching my head. Although, since moving to ESET, I've been infection-free (2006). Thanks again, Thane Best, Duncan Naushad Zulfiqar wrote: Has anyone tried this software? The concept looks good. http://www.sandboxie.com/
Re: [H] Sandboxie
I use it as well and love it. One great way to keep nasties from your web browser from getting into the rest of your system. There's a great episode of the Security Now! podcast dedicated to it. Be aware that it is not compatible with Vista/Win 7 64-bit due to the way they changed the security architecture. - Brian Weeden Technical Advisor Secure World Foundation On 4-Jul-09, at 1:25 PM, DSinc wrote: Zool, I have it; have kept it up to date, but have never tried it yet! Sandboxie.com comes highly suggested on the ESET/Wilders security forums. However, I suspect that many/most of the shares on this forum might have bigger "tin-hats" than I. I just do not know. Much of this "virtual" area stuff still leaves me scratching my head. Although, since moving to ESET, I've been infection-free (2006). Thanks again, Thane Best, Duncan Naushad Zulfiqar wrote: Has anyone tried this software? The concept looks good. http://www.sandboxie.com/
Re: [H] Sandboxie
Sandboxie sounds a lot like *DOS* full circle. I loved things not being dependent on windows to run. easier to get rid of too. fp At 10:51 AM 7/4/2009, Brian Weeden Poked the stick with: >I use it as well and love it. One great way to keep nasties from your >web browser from getting into the rest of your system. > >There's a great episode of the Security Now! podcast dedicated to it. > >Be aware that it is not compatible with Vista/Win 7 64-bit due to the >way they changed the security architecture. > > >- >Brian Weeden >Technical Advisor >Secure World Foundation > >On 4-Jul-09, at 1:25 PM, DSinc wrote: > >>Zool, >>I have it; have kept it up to date, but have never tried it yet! >>Sandboxie.com comes highly suggested on the ESET/Wilders security >>forums. >>However, I suspect that many/most of the shares on this forum might >>have bigger "tin-hats" than I. I just do not know. >>Much of this "virtual" area stuff still leaves me scratching my head. >>Although, since moving to ESET, I've been infection-free (2006). >>Thanks again, Thane >>Best, >>Duncan >> >> >>Naushad Zulfiqar wrote: >>>Has anyone tried this software? >>>The concept looks good. >>>http://www.sandboxie.com/ >> >>-- >>Tallyho ! ]:8) >>Taglines below ! >>-- >>Good taste is the flower of good sense.
Re: [H] Sandboxie
fp, Can you define "DOS"? My read is ANY Windows OS has a DOS GrandFather. Sorry, I missed this one. :) Best, Duncan FORC5 wrote: Sandboxie sounds a lot like *DOS* full circle. I loved things not being dependent on windows to run. easier to get rid of too. fp At 10:51 AM 7/4/2009, Brian Weeden Poked the stick with: I use it as well and love it. One great way to keep nasties from your web browser from getting into the rest of your system. There's a great episode of the Security Now! podcast dedicated to it. Be aware that it is not compatible with Vista/Win 7 64-bit due to the way they changed the security architecture. - Brian Weeden Technical Advisor Secure World Foundation On 4-Jul-09, at 1:25 PM, DSinc wrote: Zool, I have it; have kept it up to date, but have never tried it yet! Sandboxie.com comes highly suggested on the ESET/Wilders security forums. However, I suspect that many/most of the shares on this forum might have bigger "tin-hats" than I. I just do not know. Much of this "virtual" area stuff still leaves me scratching my head. Although, since moving to ESET, I've been infection-free (2006). Thanks again, Thane Best, Duncan Naushad Zulfiqar wrote: Has anyone tried this software? The concept looks good. http://www.sandboxie.com/ -- Tallyho ! ]:8) Taglines below ! -- Good taste is the flower of good sense.
Re: [H] Sandboxie
I think you're misunderstanding what Sandboxie does. Think if it as a condom for Windows. When you run an app in Sandboxie, it sits between the app and Windows. Any changes the app makes to the system are not saved unless you explicitly say so. You can also specify for each app any system resources it can access explictly. And you can specify that certain apps always run sandboxed, even when launched by other apps. Sandboxie is almost like a virtualization except you can apply it on an app by app basis. - Brian Weeden Technical Advisor Secure World Foundation On 4-Jul-09, at 2:09 PM, FORC5 wrote: Sandboxie sounds a lot like *DOS* full circle. I loved things not being dependent on windows to run. easier to get rid of too. fp At 10:51 AM 7/4/2009, Brian Weeden Poked the stick with: I use it as well and love it. One great way to keep nasties from your web browser from getting into the rest of your system. There's a great episode of the Security Now! podcast dedicated to it. Be aware that it is not compatible with Vista/Win 7 64-bit due to the way they changed the security architecture. - Brian Weeden Technical Advisor Secure World Foundation On 4-Jul-09, at 1:25 PM, DSinc wrote: Zool, I have it; have kept it up to date, but have never tried it yet! Sandboxie.com comes highly suggested on the ESET/Wilders security forums. However, I suspect that many/most of the shares on this forum might have bigger "tin-hats" than I. I just do not know. Much of this "virtual" area stuff still leaves me scratching my head. Although, since moving to ESET, I've been infection-free (2006). Thanks again, Thane Best, Duncan Naushad Zulfiqar wrote: Has anyone tried this software? The concept looks good. http://www.sandboxie.com/ -- Tallyho ! ]:8) Taglines below ! -- Good taste is the flower of good sense.
Re: [H] Sandboxie
only meant programs that installed unto themselves, did not interweave with anything or anybody else and del is all that is needed to get rid of them. That said sandboxie may be worth looking into for grins. fp BTW Happy 4th, may be the last one as we knew it comrade. At 11:24 AM 7/4/2009, DSinc Poked the stick with: >fp, >Can you define "DOS"? My read is ANY Windows OS has a DOS GrandFather. >Sorry, I missed this one. :) >Best, >Duncan > > >FORC5 wrote: >>Sandboxie sounds a lot like *DOS* full circle. >>I loved things not being dependent on windows to run. easier to get rid of >>too. >>fp >>At 10:51 AM 7/4/2009, Brian Weeden Poked the stick with: >>>I use it as well and love it. One great way to keep nasties from your >>>web browser from getting into the rest of your system. >>> >>>There's a great episode of the Security Now! podcast dedicated to it. >>> >>>Be aware that it is not compatible with Vista/Win 7 64-bit due to the >>>way they changed the security architecture. >>> >>> >>>- >>>Brian Weeden >>>Technical Advisor >>>Secure World Foundation >>> >>>On 4-Jul-09, at 1:25 PM, DSinc wrote: >>> Zool, I have it; have kept it up to date, but have never tried it yet! Sandboxie.com comes highly suggested on the ESET/Wilders security forums. However, I suspect that many/most of the shares on this forum might have bigger "tin-hats" than I. I just do not know. Much of this "virtual" area stuff still leaves me scratching my head. Although, since moving to ESET, I've been infection-free (2006). Thanks again, Thane Best, Duncan Naushad Zulfiqar wrote: >Has anyone tried this software? >The concept looks good. >http://www.sandboxie.com/ -- Tallyho ! ]:8) Taglines below ! -- Good taste is the flower of good sense. > >-- >Tallyho ! ]:8) >Taglines below ! >-- >I thought I was wrong once, but I was mistaken.
Re: [H] Sandboxie
fp, Thanks. Yes, I try to run ONLY proggies that do this. Eudora, TBird, FF, Eraser, CCleaner, Belarc, CPUID, ESET (mostly), Everest, HMonv113, RKR171. Just my style... :) Best, Duncan FORC5 wrote: only meant programs that installed unto themselves, did not interweave with anything or anybody else and del is all that is needed to get rid of them. That said sandboxie may be worth looking into for grins. fp BTW Happy 4th, may be the last one as we knew it comrade. At 11:24 AM 7/4/2009, DSinc Poked the stick with: fp, Can you define "DOS"? My read is ANY Windows OS has a DOS GrandFather. Sorry, I missed this one. :) Best, Duncan FORC5 wrote: Sandboxie sounds a lot like *DOS* full circle. I loved things not being dependent on windows to run. easier to get rid of too. fp At 10:51 AM 7/4/2009, Brian Weeden Poked the stick with: I use it as well and love it. One great way to keep nasties from your web browser from getting into the rest of your system. There's a great episode of the Security Now! podcast dedicated to it. Be aware that it is not compatible with Vista/Win 7 64-bit due to the way they changed the security architecture. - Brian Weeden Technical Advisor Secure World Foundation On 4-Jul-09, at 1:25 PM, DSinc wrote: Zool, I have it; have kept it up to date, but have never tried it yet! Sandboxie.com comes highly suggested on the ESET/Wilders security forums. However, I suspect that many/most of the shares on this forum might have bigger "tin-hats" than I. I just do not know. Much of this "virtual" area stuff still leaves me scratching my head. Although, since moving to ESET, I've been infection-free (2006). Thanks again, Thane Best, Duncan Naushad Zulfiqar wrote: Has anyone tried this software? The concept looks good. http://www.sandboxie.com/ -- Tallyho ! ]:8) Taglines below ! -- Good taste is the flower of good sense. -- Tallyho ! ]:8) Taglines below ! -- I thought I was wrong once, but I was mistaken.
Re: [H] Sandboxie
I like the analogy of a condom for windows. Classic. -Original Message- From: Brian Weeden Date: Sat, 4 Jul 2009 14:25:17 To: hwg Cc: hwg Subject: Re: [H] Sandboxie I think you're misunderstanding what Sandboxie does. Think if it as a condom for Windows. When you run an app in Sandboxie, it sits between the app and Windows. Any changes the app makes to the system are not saved unless you explicitly say so. You can also specify for each app any system resources it can access explictly. And you can specify that certain apps always run sandboxed, even when launched by other apps. Sandboxie is almost like a virtualization except you can apply it on an app by app basis. - Brian Weeden Technical Advisor Secure World Foundation On 4-Jul-09, at 2:09 PM, FORC5 wrote: > Sandboxie sounds a lot like *DOS* > full circle. > I loved things not being dependent on windows to run. easier to get > rid of too. > fp > > At 10:51 AM 7/4/2009, Brian Weeden Poked the stick with: >> I use it as well and love it. One great way to keep nasties from >> your >> web browser from getting into the rest of your system. >> >> There's a great episode of the Security Now! podcast dedicated to it. >> >> Be aware that it is not compatible with Vista/Win 7 64-bit due to the >> way they changed the security architecture. >> >> >> - >> Brian Weeden >> Technical Advisor >> Secure World Foundation >> >> On 4-Jul-09, at 1:25 PM, DSinc wrote: >> >>> Zool, >>> I have it; have kept it up to date, but have never tried it yet! >>> Sandboxie.com comes highly suggested on the ESET/Wilders security >>> forums. >>> However, I suspect that many/most of the shares on this forum might >>> have bigger "tin-hats" than I. I just do not know. >>> Much of this "virtual" area stuff still leaves me scratching my >>> head. >>> Although, since moving to ESET, I've been infection-free (2006). >>> Thanks again, Thane >>> Best, >>> Duncan >>> >>> >>> Naushad Zulfiqar wrote: >>>> Has anyone tried this software? >>>> The concept looks good. >>>> http://www.sandboxie.com/ >>> >>> -- >>> Tallyho ! ]:8) >>> Taglines below ! >>> -- >>> Good taste is the flower of good sense. >
Re: [H] Sandboxie
Looks like a home version of the Green Boarder software http://en.wikipedia.org/wiki/GreenBorder which Google acquired. If it does what it says it can do it would be an awesome piece of software to run as a last line of defense. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: hardware-boun...@hardwaregroup.com [mailto:hardware-boun...@hardwaregroup.com] On Behalf Of Naushad Zulfiqar Sent: Saturday, July 04, 2009 9:59 AM To: hardware@hardwaregroup.com Subject: [H] Sandboxie Has anyone tried this software? The concept looks good. http://www.sandboxie.com/ -- Best Regards, Zulfiqar Naushad Protected by Websense Hosted Email Security -- www.websense.com
Re: [H] Sandboxie
Ali, I have had a copy(s) of Green Border for years. Never tried it. I grapple badly with all of the "virtualization tech." I think I sorta get it, but am still skittish of it. Feel safer behind my ESET solution...and moderate browsing habits :) Sorry to see that Google gobbled it up. Will this consolidation ever cease? Best, Duncan Mesdaq, Ali wrote: Looks like a home version of the Green Boarder software http://en.wikipedia.org/wiki/GreenBorder which Google acquired. If it does what it says it can do it would be an awesome piece of software to run as a last line of defense. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: hardware-boun...@hardwaregroup.com [mailto:hardware-boun...@hardwaregroup.com] On Behalf Of Naushad Zulfiqar Sent: Saturday, July 04, 2009 9:59 AM To: hardware@hardwaregroup.com Subject: [H] Sandboxie Has anyone tried this software? The concept looks good. http://www.sandboxie.com/
Re: [H] Sandboxie
Well Google implemented (in Chrome) some of the functionality in what it calls "Incognito Mode" where you can browse whatever sites you want and all traces of activity are removed when you close your browser window. So cookies, temp files, browsing history, etc. I have been using chrome pretty much as my main browser and using incognito mode anytime I browse around on the net. The green boarder site had some nice explanations of what exactly their software does but looks like all the content is down. The best way I think you can think of the virtualization stuff is imagine the virtualization software hooks parts of your system things like file creation, registry reading, registry writing, etc. Now when a software lets say IE tries to save file.exe the virtualization software just captures that attempt redirects it to some temporary location but IE has no idea this happened behind the scenes. Most of those software are doing either userland hooking or kernel level hooking mixed in with drivers. It’s a very similar concept to rootkits. Eset is pretty good as far as AV goes. But from what I see on a daily basis putting trust in AV no matter which one is not a smart move. I think your on the right track with your approach of moderate browsing habits and layered security. Use chrome since it has the fewest security issues and targeted the least, use incognito mode, use another virtualization layer if desired. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: hardware-boun...@hardwaregroup.com [mailto:hardware-boun...@hardwaregroup.com] On Behalf Of DSinc Sent: Monday, July 06, 2009 10:34 AM To: hardware@hardwaregroup.com Subject: Re: [H] Sandboxie Ali, I have had a copy(s) of Green Border for years. Never tried it. I grapple badly with all of the "virtualization tech." I think I sorta get it, but am still skittish of it. Feel safer behind my ESET solution...and moderate browsing habits :) Sorry to see that Google gobbled it up. Will this consolidation ever cease? Best, Duncan Mesdaq, Ali wrote: > Looks like a home version of the Green Boarder software > http://en.wikipedia.org/wiki/GreenBorder which Google acquired. If it does > what it says it can do it would be an awesome piece of software to run as a > last line of defense. > > Thanks, > -- > Ali Mesdaq (CISSP, GIAC-GREM) > Sr. Security Researcher > Websense Security Labs > http://www.WebsenseSecurityLabs.com > -- > > > -Original Message- > From: hardware-boun...@hardwaregroup.com > [mailto:hardware-boun...@hardwaregroup.com] On Behalf Of Naushad Zulfiqar > Sent: Saturday, July 04, 2009 9:59 AM > To: hardware@hardwaregroup.com > Subject: [H] Sandboxie > > Has anyone tried this software? > > The concept looks good. > > http://www.sandboxie.com/ > Protected by Websense Hosted Email Security -- www.websense.com
Re: [H] Sandboxie
Ali, Thanks for the send. ESET is my main defense, 2d is my browsing habits. I use IE8 for all my banking needs. Otherwise I use FF311 w/NoScript and CS-Lite. So far, I feel pretty good. Best, Duncan Mesdaq, Ali wrote: Well Google implemented (in Chrome) some of the functionality in what it calls "Incognito Mode" where you can browse whatever sites you want and all traces of activity are removed when you close your browser window. So cookies, temp files, browsing history, etc. I have been using chrome pretty much as my main browser and using incognito mode anytime I browse around on the net. The green boarder site had some nice explanations of what exactly their software does but looks like all the content is down. The best way I think you can think of the virtualization stuff is imagine the virtualization software hooks parts of your system things like file creation, registry reading, registry writing, etc. Now when a software lets say IE tries to save file.exe the virtualization software just captures that attempt redirects it to some temporary location but IE has no idea this happened behind the scenes. Most of those software are doing either userland hooking or kernel level hooking mixed in with drivers. It’s a very similar concept to rootkits. Eset is pretty good as far as AV goes. But from what I see on a daily basis putting trust in AV no matter which one is not a smart move. I think your on the right track with your approach of moderate browsing habits and layered security. Use chrome since it has the fewest security issues and targeted the least, use incognito mode, use another virtualization layer if desired. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: hardware-boun...@hardwaregroup.com [mailto:hardware-boun...@hardwaregroup.com] On Behalf Of DSinc Sent: Monday, July 06, 2009 10:34 AM To: hardware@hardwaregroup.com Subject: Re: [H] Sandboxie Ali, I have had a copy(s) of Green Border for years. Never tried it. I grapple badly with all of the "virtualization tech." I think I sorta get it, but am still skittish of it. Feel safer behind my ESET solution...and moderate browsing habits :) Sorry to see that Google gobbled it up. Will this consolidation ever cease? Best, Duncan Mesdaq, Ali wrote: Looks like a home version of the Green Boarder software http://en.wikipedia.org/wiki/GreenBorder which Google acquired. If it does what it says it can do it would be an awesome piece of software to run as a last line of defense. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: hardware-boun...@hardwaregroup.com [mailto:hardware-boun...@hardwaregroup.com] On Behalf Of Naushad Zulfiqar Sent: Saturday, July 04, 2009 9:59 AM To: hardware@hardwaregroup.com Subject: [H] Sandboxie Has anyone tried this software? The concept looks good. http://www.sandboxie.com/ Protected by Websense Hosted Email Security -- www.websense.com