Newbie ..sandbox setup help
4 posters
Page 1 of 2
Page 1 of 2 • 1, 2
Newbie ..sandbox setup help
Hi
I'm new here and not so expert about security setup things .start using sanboxie few days and trying to configure (setup) it perfectly.Following ssj100's sandbox setup guide but im litlebit confused about step 15 how can do this ? i mean i have to run windows explorer (explorer.exe) all the time sandboxed or what?
any help?
Thanks
Sorry for bad English
I'm new here and not so expert about security setup things .start using sanboxie few days and trying to configure (setup) it perfectly.Following ssj100's sandbox setup guide but im litlebit confused about step 15 how can do this ? i mean i have to run windows explorer (explorer.exe) all the time sandboxed or what?
any help?
Thanks
Sorry for bad English
Mart- Member
- Posts : 21
Join date : 2010-06-01
Re: Newbie ..sandbox setup help
Yes, step 15 is a bit confusing actually. Don't worry, I'll try to clarify things soon with step by step instructions on how to carry out step 15 (I posted these step by step instructions on the Wilders forum once but I think that post is deleted now).
By the way, welcome to the forums!
By the way, welcome to the forums!
Re: Newbie ..sandbox setup help
Thanks ssj100 ..waiting for your step by step instructions
I have one more question if i enable DEP i know it is good for security but any negative ..i mean running program or installations like this?
I have one more question if i enable DEP i know it is good for security but any negative ..i mean running program or installations like this?
Mart- Member
- Posts : 21
Join date : 2010-06-01
Re: Newbie ..sandbox setup help
Reason for employing step 15:
1. Eg. you download files into your "Downloads" folder from your sandboxed web browser.
2. Your "Downloads" folder is forced sandboxed.
3. Despite following 1. and 2., there is unfortunately no guarantee that the file(s) you have downloaded will open sandboxed when you double click on them. Don't get me wrong - most files probably will open sandboxed, but it is well known that some might not. For example, if Windows Picture and Fax Viewer or Windows Media Player are your default picture viewers and default video players respectively, browsing to your downloads folder and opening these files will result in them opening unsandboxed. In recent times, there have been a few other examples. I repeat, there is no guarantee that a forced folder will open all files sandboxed.
4. So how do we deal with this issue with Sandboxie? Here's how:
5. The idea is to open these files with a sandboxed explorer.exe. This doesn't mean force sandboxing explorer.exe itself. Instead, you simply have to open an instance of a sandboxed explorer.exe (via a conveniently placed shortcut):
1. Open "Sandboxie Control"
2. Click "Configure", then click "Windows Shell Integration"
3. Click "Add Shortcut Icons"
4. Select the sandbox you want to open your newly introduced files with a sandboxed explorer.exe
5. Since I usually (recover out of the sandbox and) place all newly introduced files on to my desktop (this is safe practise in my opinion, as malware simply can't execute by itself - you still have to run the file...and keep in mind I employ a system-wide default-deny anti-executable mechanism with a well configured SRP), I simply now have to select "Desktop", then "(explore folder)".
6. The shortcut will appear on your desktop and it will have the following command (which you can view by right clicking the shortcut and then clicking "Properties"):
"C:\Program Files\Sandboxie\Start.exe" /box:123456 "C:\WINDOWS\explorer.exe" /e,"ABCDEF"
123456: name of your selected sandbox
ABCDEF: path of your downloads folder (in my case, C:\Documents and Settings\XXXXXX\Desktop), where XXXXXX is the name of my user account.
I've purposefully given the above long-winded approach so that people can understand better how to do things via the Sandboxie GUI (Sandboxie Control). However, there are at least 2 other ways to do this and they are probably much faster. One other way involves the use of a Sandboxie third party application which automatically creates sandboxed shortcuts for you. The other way is as follows:
1. Right click a blank space on your desktop
2. Click "New", then click "Shortcut", then click "Browse"
3. Navigate to where "Start.exe" is (usually C:\Program Files\Sandboxie\Start.exe)
4. Click OK
5. Now you'll need to manually finish typing in the full command as above:
"C:\Program Files\Sandboxie\Start.exe" /box:123456 "C:\WINDOWS\explorer.exe" /e,"ABCDEF"
6. Click "Next"
7. Now type the desired name of your shortcut and click "Finish".
There you have it. Once this shortcut is created, place it somewhere conveniently - I place it on my Quick Launch bar. So whenever I download a file on to my desktop (or whichever is my downloads folder), all I simply need to do to guarantee that it opens sandboxed is to click on my shortcut and it will automatically open a sandboxed explorer.exe which automatically navigates to my downloads folder ("Desktop" in my case).
Take your time to go through the above and feel free to ask further questions - it can be quite complex for the novice user.
1. Eg. you download files into your "Downloads" folder from your sandboxed web browser.
2. Your "Downloads" folder is forced sandboxed.
3. Despite following 1. and 2., there is unfortunately no guarantee that the file(s) you have downloaded will open sandboxed when you double click on them. Don't get me wrong - most files probably will open sandboxed, but it is well known that some might not. For example, if Windows Picture and Fax Viewer or Windows Media Player are your default picture viewers and default video players respectively, browsing to your downloads folder and opening these files will result in them opening unsandboxed. In recent times, there have been a few other examples. I repeat, there is no guarantee that a forced folder will open all files sandboxed.
4. So how do we deal with this issue with Sandboxie? Here's how:
5. The idea is to open these files with a sandboxed explorer.exe. This doesn't mean force sandboxing explorer.exe itself. Instead, you simply have to open an instance of a sandboxed explorer.exe (via a conveniently placed shortcut):
1. Open "Sandboxie Control"
2. Click "Configure", then click "Windows Shell Integration"
3. Click "Add Shortcut Icons"
4. Select the sandbox you want to open your newly introduced files with a sandboxed explorer.exe
5. Since I usually (recover out of the sandbox and) place all newly introduced files on to my desktop (this is safe practise in my opinion, as malware simply can't execute by itself - you still have to run the file...and keep in mind I employ a system-wide default-deny anti-executable mechanism with a well configured SRP), I simply now have to select "Desktop", then "(explore folder)".
6. The shortcut will appear on your desktop and it will have the following command (which you can view by right clicking the shortcut and then clicking "Properties"):
"C:\Program Files\Sandboxie\Start.exe" /box:123456 "C:\WINDOWS\explorer.exe" /e,"ABCDEF"
123456: name of your selected sandbox
ABCDEF: path of your downloads folder (in my case, C:\Documents and Settings\XXXXXX\Desktop), where XXXXXX is the name of my user account.
I've purposefully given the above long-winded approach so that people can understand better how to do things via the Sandboxie GUI (Sandboxie Control). However, there are at least 2 other ways to do this and they are probably much faster. One other way involves the use of a Sandboxie third party application which automatically creates sandboxed shortcuts for you. The other way is as follows:
1. Right click a blank space on your desktop
2. Click "New", then click "Shortcut", then click "Browse"
3. Navigate to where "Start.exe" is (usually C:\Program Files\Sandboxie\Start.exe)
4. Click OK
5. Now you'll need to manually finish typing in the full command as above:
"C:\Program Files\Sandboxie\Start.exe" /box:123456 "C:\WINDOWS\explorer.exe" /e,"ABCDEF"
6. Click "Next"
7. Now type the desired name of your shortcut and click "Finish".
There you have it. Once this shortcut is created, place it somewhere conveniently - I place it on my Quick Launch bar. So whenever I download a file on to my desktop (or whichever is my downloads folder), all I simply need to do to guarantee that it opens sandboxed is to click on my shortcut and it will automatically open a sandboxed explorer.exe which automatically navigates to my downloads folder ("Desktop" in my case).
Take your time to go through the above and feel free to ask further questions - it can be quite complex for the novice user.
Re: Newbie ..sandbox setup help
Mart wrote:Thanks ssj100 ..waiting for your step by step instructions
I have one more question if i enable DEP i know it is good for security but any negative ..i mean running program or installations like this?
I've never noticed any problems enabling DEP for all programs and services. If you do run into problems, you can simply add exceptions.
Re: Newbie ..sandbox setup help
Thanks for nice explanations
here is my step 6 shortcut properties command if you can please check if it is correct
"C:\Program Files\Sandboxie\Start.exe" /box:SandboxieDownloads "C:\Windows\explorer.exe" /e,"C:\Users\xxxxx\Desktop" /e,"Sandboxie Downloads"
i have one folder in D drive name Sandboxie Downloads and that folder is forced sandboxed
here is my step 6 shortcut properties command if you can please check if it is correct
"C:\Program Files\Sandboxie\Start.exe" /box:SandboxieDownloads "C:\Windows\explorer.exe" /e,"C:\Users\xxxxx\Desktop" /e,"Sandboxie Downloads"
i have one folder in D drive name Sandboxie Downloads and that folder is forced sandboxed
Mart- Member
- Posts : 21
Join date : 2010-06-01
Re: Newbie ..sandbox setup help
Mart wrote:Thanks for nice explanations
here is my step 6 shortcut properties command if you can please check if it is correct
"C:\Program Files\Sandboxie\Start.exe" /box:SandboxieDownloads "C:\Windows\explorer.exe" /e,"C:\Users\xxxxx\Desktop" /e,"Sandboxie Downloads"
i have one folder in D drive name Sandboxie Downloads and that folder is forced sandboxed
That doesn't look right. It should be something like this:
"C:\Program Files\Sandboxie\Start.exe" /box:SandboxieDownloads "C:\Windows\explorer.exe" /e,"D:\Sandboxie Downloads"
Re: Newbie ..sandbox setup help
Thanks ..This one work
"C:\Program Files\Sandboxie\Start.exe" /box:Downloads "C:\Windows\explorer.exe" /e,"C:\Users\xxxx\Desktop"D:\Sandboxie Downloads"
anyway i wants to ask another question
I created one folder in D drive name Movies and i added it options forced folder
now my question is if i browse default explorer.exe(Unsandboxed) and browse this folder and play any media file it will be open in Sandboxed or unsandboxed ?
"C:\Program Files\Sandboxie\Start.exe" /box:Downloads "C:\Windows\explorer.exe" /e,"C:\Users\xxxx\Desktop"D:\Sandboxie Downloads"
anyway i wants to ask another question
I created one folder in D drive name Movies and i added it options forced folder
now my question is if i browse default explorer.exe(Unsandboxed) and browse this folder and play any media file it will be open in Sandboxed or unsandboxed ?
Mart- Member
- Posts : 21
Join date : 2010-06-01
Re: Newbie ..sandbox setup help
Mart wrote:anyway i wants to ask another question
I created one folder in D drive name Movies and i added it options forced folder
now my question is if i browse default explorer.exe(Unsandboxed) and browse this folder and play any media file it will be open in Sandboxed or unsandboxed ?
It will most likely open sandboxed, unless Windows Media Player (WMP) is your default video player. If WMP is your default video player, then you may find some video files will open unsandboxed.
This is the case for all programs like Sandboxie, including GesWall and DefenseWall. In my opinion, Sandboxie beats them because you can still use a good security approach by opening files via a sandboxed explorer.exe, and therefore guaranteeing that all files will open sandboxed.
Re: Newbie ..sandbox setup help
No its not working.Here what i did
I created one folder in D drive name Movies added it to forced folder and created one new sandbox named movies.My default media player VLC(Unsandboxed) .Now when i browse default explorer.exe (Unsandboxed) browse movies folder and play one media file VLC opened unsandboxed and folder is not sandboxed too.I know if i forced vlc run in sandbox thn it should be open sandboxed but thn there is no meaning to create Sanboxed folder which way im thinking to create
any idea??hope you will understand what im trying to say.....
I created one folder in D drive name Movies added it to forced folder and created one new sandbox named movies.My default media player VLC(Unsandboxed) .Now when i browse default explorer.exe (Unsandboxed) browse movies folder and play one media file VLC opened unsandboxed and folder is not sandboxed too.I know if i forced vlc run in sandbox thn it should be open sandboxed but thn there is no meaning to create Sanboxed folder which way im thinking to create
any idea??hope you will understand what im trying to say.....
Mart- Member
- Posts : 21
Join date : 2010-06-01
Re: Newbie ..sandbox setup help
Yes I think I understand what you're saying and I'm surprised that it's not opening VLC sandboxed when you play the video file. Let me try to reproduce it in my VM.
By the way, you're using a Registered version of Sandboxie right?
By the way, you're using a Registered version of Sandboxie right?
Re: Newbie ..sandbox setup help
Yes Registered version..When i added one folder in forced folder options that means that folder Sandboxed.So if i browse normal way and if i play any media file from that folder it should be open sandboxed..or not?
Mart- Member
- Posts : 21
Join date : 2010-06-01
Re: Newbie ..sandbox setup help
Yes it should (in most cases). I just tested it and it works fine with VLC player - my media file (inside a forced folder) is opened sandboxed, even though I'm browsing it with an unsandboxed explorer.exe. I'm not sure why it's not working for you sorry. I'd suggest posting this issue on the Sandboxie forums, along with the OS you're using, 32-bit or 64-bit, and other third party security software you're using.
Re: Newbie ..sandbox setup help
When you tested VLC was not in forced programs ?
anyway thanks for your kind help........
anyway thanks for your kind help........
Mart- Member
- Posts : 21
Join date : 2010-06-01
Re: Newbie ..sandbox setup help
Mart wrote:When you tested VLC was not in forced programs ?
anyway thanks for your kind help........
Yes, VLC was not in forced programs. As I said, I'm not sure why it's not working for you. Good luck anyway. And no problem.
Re: Newbie ..sandbox setup help
Hi Mart&ssj100!!
For me,I also use VLC as my default player,it is easier just to add it as a forced program,than to run down every folder I may have video content in.
If I have not gotten "cute" with blocked file restrictions,all vid files open in their default program,(VLC),and as it is a forced program,always Sandboxed.
nice thread,
respect,
noor
For me,I also use VLC as my default player,it is easier just to add it as a forced program,than to run down every folder I may have video content in.
If I have not gotten "cute" with blocked file restrictions,all vid files open in their default program,(VLC),and as it is a forced program,always Sandboxed.
nice thread,
respect,
noor
Guest- Guest
Re: Newbie ..sandbox setup help
Yes noor that's the esaiest way but i m just curious when i added one folder in forced folder options it contains should be open sandboxed ..doesnt matter if i browse with an unsandboxed explorer.exe but its not working for me ..bad luck
Windows 7 Ultimate x86
Windows Firewall
Avast
Windows 7 Ultimate x86
Windows Firewall
Avast
Mart- Member
- Posts : 21
Join date : 2010-06-01
Re: Newbie ..sandbox setup help
Thanks ssj100 .Now its working ..
Mart- Member
- Posts : 21
Join date : 2010-06-01
I don't understand the use of step 15 in your Sandboxie section.
• You download vegeta.jpg.
• You open vegeta.jpg with a sandboxed explorer.exe.
• Here is the step I'm unsure of.
• You move vegeta.jpg to D:\Images.
• You open vegeta.jpg in the future with an unsandboxed explorer.exe.
What do you do in the step I'm unsure of?
• You open vegeta.jpg with a sandboxed explorer.exe.
• Here is the step I'm unsure of.
• You move vegeta.jpg to D:\Images.
• You open vegeta.jpg in the future with an unsandboxed explorer.exe.
What do you do in the step I'm unsure of?
Throwawayaccount123456- New Member
- Posts : 4
Join date : 2013-09-23
Re: Newbie ..sandbox setup help
A few things you can do to deal with this. Before you move files around, you ideally should seek the opinion of a black-listing program (eg. virustotal, antivirus etc). If you still want to open/run the newly introduced file(s) sandboxed, then you simply need to configure a Sandboxie (sandboxed explorer.exe) shortcut to the folder containing the newly introduced file(s) - in this case, it would be a shortcut to D:\Images.Throwawayaccount123456 wrote:• You download vegeta.jpg.
• You open vegeta.jpg with a sandboxed explorer.exe.
• Here is the step I'm unsure of.
• You move vegeta.jpg to D:\Images.
• You open vegeta.jpg in the future with an unsandboxed explorer.exe.
What do you do in the step I'm unsure of?
Re: Newbie ..sandbox setup help
Do you use two file explorers: one sandboxed for reading and one unsandboxed for writing?ssj100 wrote:A few things you can do to deal with this. Before you move files around, you ideally should seek the opinion of a black-listing program (eg. virustotal, antivirus etc). If you still want to open/run the newly introduced file(s) sandboxed, then you simply need to configure a Sandboxie (sandboxed explorer.exe) shortcut to the folder containing the newly introduced file(s) - in this case, it would be a shortcut to D:\Images.Throwawayaccount123456 wrote:• You download vegeta.jpg.
• You open vegeta.jpg with a sandboxed explorer.exe.
• Here is the step I'm unsure of.
• You move vegeta.jpg to D:\Images.
• You open vegeta.jpg in the future with an unsandboxed explorer.exe.
What do you do in the step I'm unsure of?
Or do you open newly introduced files only the first time sandboxed to catch obvious malware without it writing to your real system?
Throwawayaccount123456- New Member
- Posts : 4
Join date : 2013-09-23
Re: Newbie ..sandbox setup help
Basically I always try to open/run everything sandboxed for as long as I feel is required. If a file needs to be modified, then I would ideally scan it with a black-listing program before opening it unsandboxed. Otherwise, for other files like videos, they can always be opened sandboxed even after they are moved from the main Downloads folder.
Before I move files out of my main Downloads folder, I usually scan the folder with Emsisoft Emergency Kit (EEK). Then if all is clear (it always is), I would feel confident of moving the files out of the Downloads folder to a more permanent folder. However, as I stated above, I still open files like videos sandboxed even after moving them.
Before I move files out of my main Downloads folder, I usually scan the folder with Emsisoft Emergency Kit (EEK). Then if all is clear (it always is), I would feel confident of moving the files out of the Downloads folder to a more permanent folder. However, as I stated above, I still open files like videos sandboxed even after moving them.
Re: Newbie ..sandbox setup help
Thank you for further detailing your setup.
Throwawayaccount123456- New Member
- Posts : 4
Join date : 2013-09-23
Sandboxing downloaded files, the process
ssj100 wrote:Basically I always try to open/run everything sandboxed for as long as I feel is required. If a file needs to be modified, then I would ideally scan it with a black-listing program before opening it unsandboxed. Otherwise, for other files like videos, they can always be opened sandboxed even after they are moved from the main Downloads folder.
Is this Downloads folder sitting outside or inside a SBIE environment at all times? If it's not, thenssj100 wrote:Before I move files out of my main Downloads folder, I usually scan the folder with Emsisoft Emergency Kit (EEK).
doesn't that mean the files even though not opened yet with SBIE can be malicious?
ssj100 wrote:Then if all is clear (it always is), I would feel confident of moving the files out of the Downloads folder to a more permanent folder. However, as I stated above, I still open files like videos sandboxed even after moving them.
sanbox man- Member
- Posts : 10
Join date : 2016-08-17
Re: Newbie ..sandbox setup help
The actual Downloads folder is of course sitting outside the SBIE environment. The files could indeed be malicious, but then how are they going to execute by themselves? Even if it's possible for them to execute by themselves, my security setup (at least back on Windows XP) had an anti-executable component to it (SRP).
But if you're downloading and recovering specific files (eg. video/music files) out of the sandbox and into this Downloads folder, I really can't see how they can spontaneously execute when you're not even viewing (reading) them unsandboxed.
But if you're downloading and recovering specific files (eg. video/music files) out of the sandbox and into this Downloads folder, I really can't see how they can spontaneously execute when you're not even viewing (reading) them unsandboxed.
Page 1 of 2 • 1, 2
Similar topics
» ssj100's Security Setup
» ssj100's Security Setup updated for Windows 7 / 8 x86
» Sandbox VirtualBox
» Buster Sandbox Analyzer
» Avast Internet Security (with its own sandbox)
» ssj100's Security Setup updated for Windows 7 / 8 x86
» Sandbox VirtualBox
» Buster Sandbox Analyzer
» Avast Internet Security (with its own sandbox)
Page 1 of 2
Permissions in this forum:
You cannot reply to topics in this forum
|
|