Sandboxie [Discussion]

Vettetech

Computer Security Testing Group
Comodo's Hero

Offline

Posts: 4631

Sandboxie [Discussion]

« on: May 01, 2008, 08:26:44 PM »

I would also recommend using Sandboxie. Whatever happens stays in the Sandbox and never gets written to the hard drive. Have Comodo would have prevented it cause you would have gotten a D+ alert and you could have click block.


	Logged

Ragwing

Global Moderator
Comodo's Hero

Online

Posts: 3114

Sailor Warrior of Love and Justice

Sandboxie

« Reply #1 on: May 02, 2008, 06:28:55 AM »

Quote from: Vettetech on May 01, 2008, 08:26:44 PM

I would also recommend using Sandboxie. Whatever happens stays in the Sandbox and never gets written to the hard drive.

Well, that's not really true, as it's written to the hard drive. But yes, everything you do in sandboxed mode will get written to \Documents and Settings\%username%\Application Data\Sandbox, and stays there until you remove it.

Cheers,
Ragwing


	Logged

XP SP3 2 GHz 768 MB RAM
5 services / 12 processes

Vettetech

Computer Security Testing Group
Comodo's Hero

Offline

Posts: 4631

Sandboxie

« Reply #2 on: May 02, 2008, 07:22:14 AM »

Not so true. It may be in that folder but its not really there unless you remove it. Try installing something under a Sandbox. Then empty the sandbox and you will not see the program installed. Like it never happened.

http://www.sandboxie.com/


	Logged

Pedro*

Comodo's Hero

Offline

Posts: 794

Sandboxie

« Reply #3 on: May 02, 2008, 09:19:00 AM »

But until you empty the sandbox. The content is in the HD.
What you really mean is that nothing gets written in the real folders.


	Logged

larrymcg

Newbie

Offline

Posts: 2

Sandboxie

« Reply #4 on: May 02, 2008, 10:51:15 AM »

I find the idea of Sandboxie very interesting. However, unless you know which apps you need to put in the sandbox, you'd have to put them all in. Not practical. Since the subject of this thread is drive-by installs, maybe putting just the browsers you use (Firefox and IE) in the sandbox is enough?
But what about the things you want to keep from the browsing session? Bookmarks. Downloads. And probably other stuff too. Can you decide to keep those things before throwing away the sandbox?

Is a sandbox somehow superior to running in a virtual machine like VMWare? I've tried a VMWare browsing appliance. Seems to run pretty well (I was running Firefox on Linux under VMWare). However, in a short time it seemed to fall apart (lots of errors and finally, no useful functionality). So I got rid of it.

--Larry


	Logged

Frosty Port

Comodo Family Member

Offline

Posts: 54

Sandboxie

« Reply #5 on: May 02, 2008, 11:11:15 AM »

if you need to save a D/L and you was in the sand~box there is a option to retrieve the D/L


	Logged

{XP-PRO-SP2} {FireFox} {Avast-Pro AV} {Comodo FW pro3}

Vettetech

Computer Security Testing Group
Comodo's Hero

Offline

Posts: 4631

Sandboxie

« Reply #6 on: May 02, 2008, 11:33:38 AM »

Quote from: larrymcg on May 02, 2008, 10:51:15 AM

There is good help for this is the Sandboxie forums. I run IE and FF Sandboxed when I need to. If I am installing or trying something new I simply run it under a sandbox.


	Logged

Xman

Computer Security Testing Group
Comodo's Hero

Offline

Posts: 340

Xman

Re: Sandboxie

« Reply #7 on: May 09, 2008, 05:23:59 PM »

Hi dudes, Sandboxie rules so far as to ease of use & functionality IMHO for browsing, never had issues using it.
Clapping

Xman


	Logged

Vettetech

Computer Security Testing Group
Comodo's Hero

Offline

Posts: 4631

Re: Sandboxie

« Reply #8 on: May 09, 2008, 05:40:11 PM »

I made a custom cleaner folder for CCleaner. Now when I want to empty my Sandbox I simply click CCleaner.


	Logged

Eric Cryptid

Global Moderator
Comodo's Hero

Offline

Posts: 1086

Security Saskquatch

Re: Sandboxie

« Reply #9 on: May 11, 2008, 06:19:18 AM »

I'm feeling confused with this whole sandbox thing. I understand most of it just not the bit about whether or not you empty the sandbox.

I.E. You download a file which is fine and virus free and want to keep that and then you download another one which isn't virus free, how do you perminently download the non-virus one and get rid of the virus one? Do you have to empty the sandbox and re-download the good one?

Maybe I should read their website lol

E


	Logged

Cryptid - Any animal or creature that has been reported to have existed, but has not been proven to.

Security Fanatic

Please Read Forum Policy Before Posting - https://forums.comodo.com/new_member_information/forum_policy-t1516.0.html

Dennis2

Global Moderator
Comodo's Hero

Offline

Posts: 607

Re: Sandboxie

« Reply #10 on: May 11, 2008, 08:22:40 AM »

Quote from: Eric Cryptid on May 11, 2008, 06:19:18 AM

EDIT You can use Quick Recovery for only the file which is virus free any time and leave the virus one in the sandbox screenshots below.
Dennis


« Last Edit: May 11, 2008, 09:06:01 AM by Dennis2 »	Logged

Josh123

Guest

Re: Sandboxie

« Reply #11 on: May 12, 2008, 04:06:51 AM »

I heard when you browse, After you close your browser Sandboxie cleans EVERYTHING OUT (When Running Your browser in Sandbox off course).

Josh


	Logged

Vettetech

Computer Security Testing Group
Comodo's Hero

Offline

Posts: 4631

Re: Sandboxie

« Reply #12 on: May 12, 2008, 05:59:22 AM »

Quote from: 3xist on May 12, 2008, 04:06:51 AM

I heard when you browse, After you close your browser Sandboxie cleans EVERYTHING OUT (When Running Your browser in Sandbox off course).

Josh

Only if you select that option. I like using CCleaner instead.


	Logged

Pedro*

Comodo's Hero

Offline

Posts: 794

Re: Sandboxie

« Reply #13 on: May 12, 2008, 09:08:57 AM »

Quote from: Eric Cryptid on May 11, 2008, 06:19:18 AM

It depends on how you use it. The are a few options.

You can, for instance, create an open file path so sandboxie lets that folder be written.
http://www.sandboxie.com/index.php?OpenFilePath
Like setting your "safe downloads" folder. Firefox bookmarks, etc.

Or you can set the Quick Recovery .

Quote

The Quick Recovery feature makes it easier to extract files (and even whole folders) that are created and saved by sandboxed programs. It scans a few sandboxed folders, which have to be selected in advance, and lists the files (and folders) it finds within them. These files (and folders) can be recovered into the corresponding location outside the sandbox, or to any location.

http://www.sandboxie.com/index.php?QuickRecovery
Like, set it to delete automatically when closing the browser, but open quick recovery (this watches your chosen folders), so you can review if you want to keep anything.

It's been a while since i really used it. But one thing you can be certain, by reading the website you will understand it all.
If you're really interested - http://www.sandboxie.com/index.php?GettingStarted


	Logged

Luketan

Computer Security Testing Group
Comodo Loves me

Offline

Posts: 194

Re: Sandboxie

« Reply #14 on: May 24, 2008, 03:54:57 AM »

Quote from: Vettetech on May 02, 2008, 07:22:14 AM

Got to agree with ragwing and disagree with you.

"Not really there" means what exactly? The file is indeed written on the HD as Ragwing says just not where windows think it is. Sandboxie actually redirects the file changes to another file directory. But trust me the files are indeed there... When you empty the sandbox, sandboxie simply deletes those files in the redirected folder..

So if you download a keylogger into say c:\whatever, it is actually written on c:\sandbox\whatever (not a real example).

Better sandboxes like sandboxie, actually interact with windows explorer, so the files look like where they are supposed to be.


	Logged

Tags:

Pages: [1] 2 3 4

« previous next »

Jump to:

SSL

Firewall

Page created in 0.155 seconds with 18 queries.

Design by 7dana.com