Application Sandboxes: A pen-tester’s perspective

Discussion in 'sandboxing & virtualization' started by BoerenkoolMetWorst, Jul 25, 2013.

Thread Status:
Not open for further replies.
  1. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    It's not meant to duplicate what's already there. By now frankly I could care less how much you know about Sandboxie and how little about Chrome, Windows, or the Internet itself.
    Applocker or SRP are only 2 examples of group policies. Guess how web exploits work since plugin/script blocking and HTTP Authentication aren't a big deal? Comparing Windows Firewall with Sandboxie restrictions is a joke.
    And I'll leave it at that due to how pointless this has all been.
     
  2. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    Sorry, but I have more than enough experience with plugin/script blocking to say they are worthless as protection again web exploits, especially every time my family is surfing and visiting websites they need for their job, I also don't need script/plugin blocking that is blocking the access to my email, if that's the way to block web exploits than there is something wrong with that approach for millions of average joes.
    You better come up with something much more useful that would not interfere with surfing and accessing websites and emails.

    HTTP authentication is not a big deal if it's blocking website from work for example, much like some products like TrendMicro and McAfeeSie Advisor do, and yet they are trusted websites, than there is again something wrong with that approach.
    This is a total joke.
    SBIE with start/run restrictions and block access options beats all this mentioned combined, plus it's much more useful.
    Windows XP firewall if you know what to do with it, is much more useful than you think.
    I truly don't know in what world do you live...o_O
     
  3. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    Cool, man big thanks for this highly helpful link and thanks for you tips!
     
  4. guest

    guest Guest

    @CWS

    Why is it so hard for you to accept the reality that Sandboxie is not the only way to successfully prevent malicious attacks? And about script filtering, did you create a whitelist for websites you and your family often visit? If NoScript-like extensions are too bothersome to use then there is Adblock Plus which also offers content filtering, although limited to advertisements and I believe web trackers too. But IMO it should be sufficient enough.
     
  5. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Folks this has gotten so far off topic that it's getting silly.

    If there is no more to say on the topic, then it's time to close this thread.

    Pete
     
  6. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    Well, DefenseWall on 32-bit systems is at least as strong as AppGuard, perhaps even slightly stronger.
     
  7. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    Trust me, it's painful job to do with NoScript than Script Defender for Chrome, because I cannot remember every single website that is needed for my parents and my brother.
    But I do use Adblock Edge for firefox and Adblock for Google Chrome.

    But it doesn't matter, I'll say you, J L, Hungry Man, Windows Security, Gullible Jones, Peter, wat114 won this debate, I truly don't have time anymore to debate.

    I only hope you, Hungry Man, Windows Security, J L, Gullible Jones, Peter, wat114 and etc. are all right when you talk about this.
     
  8. guest

    guest Guest

    Understood, we have the same problem.

    It's not about winning or losing. One side said sandboxing a sandbox is redundant, other side said it isn't. Personally, based on what I've got so far, I'm pretty confident to use Chrome's sandbox by itself without another sandbox (and even EMET) on top of it. ;)
     
  9. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,795
    I agree this has been ridiculous. It'd be a waste to close a thread like this because of it though; when we can have much more meaningful discussion if people actually take the time to try and understand the message (hint: read the report and read up on how sandboxes work). As for the rest whom have tried so hard to explain yet in vain, the answer is simple: do not feed the troll.
     
  10. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    Please shut this thread down, just reading the above post of someone wanting it to continue. But really the message has been transfered. Now we know it is useless sandboxing our apps or our installs lool.

    Really shut this thread down for the peace keeps sake if not for anything else hehe.
     
    Last edited: Nov 26, 2013
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Okay. This thread has raised awareness and has been exhaused.

    Closed.

    Pete
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.