Question
4 posters
Page 2 of 2
Page 2 of 2 • 1, 2
Re: Question
Regarding the location of the registry: http://help.lockergnome.com/windows2/file-located--ftopict484827.html
It seems that they are a number of 'files' located throughout the C drive which mean that they are already set to readonly with the settings you have devised. If any of what I'm saying is wrong please feel free to correct me.
Paul, are the C:/ read only settings that are discussed here act in the same way? Do they provide copy protection too?
Is there memory only malware with no executable or file involved or did I misunderstand?
It seems that they are a number of 'files' located throughout the C drive which mean that they are already set to readonly with the settings you have devised. If any of what I'm saying is wrong please feel free to correct me.
p2u wrote: Dll's can be readily downloaded from online resources, but if you have "copy"- protection on in AE2, the download will be blocked.
Paul, are the C:/ read only settings that are discussed here act in the same way? Do they provide copy protection too?
ssj100 wrote:what about malware which only exists in memory?
Is there memory only malware with no executable or file involved or did I misunderstand?
Rico- Advanced Member
- Posts : 118
Join date : 2010-06-18
Re: Question
Let me say first that "C:/ read only" doesn't seem workable to me.Rico wrote:Paul, are the C:/ read only settings that are discussed here act in the same way? Do they provide copy protection too?
P.S.: For Firefox it's enough to set it to start always in Private Mode.
- Code:
browser.privatebrowsing.autostart = true
The copy protection in AE2 has nothing to do with user (or program) access rights. AE2 determines that you want to download (= copy) an executable file from the Internet and will block that download.
P.S.: I believe this protection was also removed from AE3.
Paul
p2u- Valued Member
- Posts : 211
Join date : 2010-12-14
Re: Question
It's fine when specified to IE's virtual environment only (and apparently Chrome's?), and is a viable method of locking down the environment further (eg. for internet banking purposes). This is the flexibility of application virtualisation (Sandboxie in particular).p2u wrote:Let me say first that "C:/ read only" doesn't seem workable to me.
As I mentioned in the Sandboxie configuration thread, making C:\ read only will prevent all newly introduced file types from being downloaded/executed (written to disk). I think AE2 only prevents .EXE and .DLL types.
Re: Question
I was meaning malware which doesn't need to write to disk to perform malicious actions (eg. clip-board logging). Therefore, they execute and perform their actions only in memory. I'm not aware of such malware in-the-wild.Rico wrote:Is there memory only malware with no executable or file involved or did I misunderstand?
Re: Question
p2u wrote:Let me say first that "C:/ read only" doesn't seem workable to me.
P.S.: For Firefox it's enough to set it to start always in Private Mode.
I don't think this can prevent a driveby as a malicious site exploits vulnerabilities to be able to download anything without consent. In a perfect world, one would think that if they didn't explicitly permit the download of an executable it wouldn't be there. This however would be a vastly superior safety net that can't be beat.
@ ssj, so basically its not virus types that infest/ install on the PC? Clipboard logging shouldnt be an issue if you deisgnate a sandbox for unsafe vs safe browsing.
Rico- Advanced Member
- Posts : 118
Join date : 2010-06-18
Re: Question
Yes, I would suppose so. And yes, a good security approach with Sandboxie is also necessary to realise its potential.Rico wrote:@ ssj, so basically its not virus types that infest/ install on the PC? Clipboard logging shouldnt be an issue if you deisgnate a sandbox for unsafe vs safe browsing.
Page 2 of 2 • 1, 2
Similar topics
» Question
» An AV Question
» LUA Question
» Instant Messengers and Sandboxie
» Question about malware & Sandboxie
» An AV Question
» LUA Question
» Instant Messengers and Sandboxie
» Question about malware & Sandboxie
Page 2 of 2
Permissions in this forum:
You cannot reply to topics in this forum
|
|