Sandboxie4 vs. Angler Exploit Kit...

If it doesn't fit elsewhere, it goes here
Lumberjack
Posts: 91
Joined: Fri Nov 25, 2011 12:37 am

Re: Sandboxie4 vs. Angler Exploit Kit...

Post by Lumberjack » Thu Oct 09, 2014 7:09 am

Curt@invincea wrote:Sandboxie blocks exploits from affecting the host by containing them in the sandbox.
My general question about Sandboxie 4.12/alpha 4.13.5 are: against what forms of exploits, malwares, operation system vulnerabilities, dll injections, browser exploits, and etc. super-tightly configured Sandboxie does not, cannot and never will be able to protect against?
What about Invincea freespace (also super-tightly configured)?
Big thanks in advance.

Lumberjack
Posts: 91
Joined: Fri Nov 25, 2011 12:37 am

Re: Sandboxie4 vs. Angler Exploit Kit...

Post by Lumberjack » Wed Oct 15, 2014 2:59 pm

Curt@invincea wrote:1) You can't block win32k.sys with Sandboxie.
2) MS did say that a workaround to prevent Duqu (and other True Type font vulnerabilities) was to remove access to t2embed.dll. So, you could have done the same with Sandboxie (by blocking t2embed.dll) -- if you had known to do it.
But could than and can now Sandboxie4 protect against Duqu malware by not blocking t2embed.dll, but yet with start/run restrictions?

Curt@invincea
Sandboxie Lead Developer
Sandboxie Lead Developer
Posts: 1638
Joined: Fri Jan 17, 2014 5:21 pm
Contact:

Re: Sandboxie4 vs. Angler Exploit Kit...

Post by Curt@invincea » Thu Oct 16, 2014 6:27 pm

This PDF discusses EMET and memory exploitation. http://www.invincea.com/why-invincea/mi ... omparison/

Lumberjack
Posts: 91
Joined: Fri Nov 25, 2011 12:37 am

Re: Sandboxie4 vs. Angler Exploit Kit...

Post by Lumberjack » Fri Oct 17, 2014 8:47 am

Curt@invincea wrote:This PDF discusses EMET and memory exploitation. http://www.invincea.com/why-invincea/mi ... omparison/
But what does this have to do with my questions about SBIE4 protection against all forms of exploits, including memory based exploits/memry-based malwares, plus buffer overflows?
Unless, you're saying that SBIE4 is very similar to Invincea when it comes to design and protection options, which I somehow doubt very much.

Buster
Posts: 2576
Joined: Mon Aug 06, 2007 2:38 pm
Contact:

Re: Sandboxie4 vs. Angler Exploit Kit...

Post by Buster » Fri Oct 17, 2014 9:52 am

Lumberjack wrote:Unless, you're saying that SBIE4 is very similar to Invincea when it comes to design and protection options, which I somehow doubt very much.
Invincea is the name of the company, not the name of any software product.

Mr.X
Posts: 583
Joined: Sat Jul 13, 2013 9:34 am
Location: Mexico

Re: Sandboxie4 vs. Angler Exploit Kit...

Post by Mr.X » Fri Oct 17, 2014 12:23 pm

Buster wrote:
Lumberjack wrote:Unless, you're saying that SBIE4 is very similar to Invincea when it comes to design and protection options, which I somehow doubt very much.
Invincea is the name of the company, not the name of any software product.
Seems Mr. Lumberjack is a bit reluctant, beforehand, to whatever Curt writes down as an answer to his questions. :shock:
Windows 8.1 x64/x86 EN | Sandboxie latest beta or stable | All software latest versions unless stated otherwise

Lumberjack
Posts: 91
Joined: Fri Nov 25, 2011 12:37 am

Re: Sandboxie4 vs. Angler Exploit Kit...

Post by Lumberjack » Fri Oct 17, 2014 2:24 pm

Buster wrote:
Lumberjack wrote:Unless, you're saying that SBIE4 is very similar to Invincea when it comes to design and protection options, which I somehow doubt very much.
Invincea is the name of the company, not the name of any software product.
Yes, but this does not answer my questions about SBIE4 vs. memory exploits/memory payloads/malwares/buffer overflows and etc.

Curt@invincea
Sandboxie Lead Developer
Sandboxie Lead Developer
Posts: 1638
Joined: Fri Jan 17, 2014 5:21 pm
Contact:

Re: Sandboxie4 vs. Angler Exploit Kit...

Post by Curt@invincea » Fri Oct 17, 2014 3:08 pm

Invincea FreeSpace is built on top of Sandboxie.

Lumberjack
Posts: 91
Joined: Fri Nov 25, 2011 12:37 am

Re: Sandboxie4 vs. Angler Exploit Kit...

Post by Lumberjack » Fri Oct 17, 2014 3:33 pm

Curt@invincea wrote:Invincea FreeSpace is built on top of Sandboxie.
Did you mean by this that by design, security and protections options Invincea FreeSpace=Sandboxie4?

Buster
Posts: 2576
Joined: Mon Aug 06, 2007 2:38 pm
Contact:

Re: Sandboxie4 vs. Angler Exploit Kit...

Post by Buster » Fri Oct 17, 2014 3:59 pm

Lumberjack wrote:Yes, but this does not answer my questions about SBIE4 vs. memory exploits/memory payloads/malwares/buffer overflows and etc.
I doubt any answer would satisfy you.

Buster
Posts: 2576
Joined: Mon Aug 06, 2007 2:38 pm
Contact:

Re: Sandboxie4 vs. Angler Exploit Kit...

Post by Buster » Fri Oct 17, 2014 4:01 pm

Lumberjack wrote:But could than and can now Sandboxie4 protect against Duqu malware by not blocking t2embed.dll, but yet with start/run restrictions?
Define "protect".

bo.elam
Sandboxie Guru
Sandboxie Guru
Posts: 2809
Joined: Wed Apr 22, 2009 9:17 pm

Re: Sandboxie4 vs. Angler Exploit Kit...

Post by bo.elam » Fri Oct 17, 2014 10:15 pm

Lumberjack wrote: Did you mean by this that by design, security and protections options Invincea FreeSpace=Sandboxie4?
Lumberjack, I think Curt means that Freespace is Sandboxie and more. And when he posted the link below, he is telling you that what the link says, it applies to Sandboxie as well. :)
http://www.invincea.com/why-invincea/mi ... omparison/

To all: I know Lumberjack AKA as Coolwebsearch can be a pain in the butt with the barrage of questions but he is a nice kid. And he loves Sandboxie. Right, jack? :D

Bo

Lumberjack
Posts: 91
Joined: Fri Nov 25, 2011 12:37 am

Re: Sandboxie4 vs. Angler Exploit Kit...

Post by Lumberjack » Sat Oct 18, 2014 2:02 am

bo.elam wrote:
Lumberjack wrote: Did you mean by this that by design, security and protections options Invincea FreeSpace=Sandboxie4?
Lumberjack, I think Curt means that Freespace is Sandboxie and more. And when he posted the link below, he is telling you that what the link says, it applies to Sandboxie as well. :)
http://www.invincea.com/why-invincea/mi ... omparison/

To all: I know Lumberjack AKA as Coolwebsearch can be a pain in the butt with the barrage of questions but he is a nice kid. And he loves Sandboxie. Right, jack? :D

Bo
I do like Sandboxie, very, very much, actually I started to use it mostly because of your recommendations I've seen here on this and on and I did not regret it.
It's truly a wonderful piece of software, and the only reason why I ask so much questions is very simple reason:
I want to know, what else do I need to have for complete protection, and I wanted to know against what Sandboxie does not protect, so I can add protection in addition with Sandboxie.
So far the only thing that Sandboxie misses to protect are keyloggers and exploits within browser processes, if I'm still right?
Hopefully, curt will put in Sandboxie low level hooks to stop even keyloggers in the future (at least that was said on Wilder security forums, that sandboxie needs to block low level hooks if it wants to protect against keyloggers)?

BoredNow
Posts: 56
Joined: Sat Sep 25, 2010 4:49 pm

Re: Sandboxie4 vs. Angler Exploit Kit...

Post by BoredNow » Fri Oct 24, 2014 2:57 pm

Lumberjack wrote:(at least that was said on Wilder security forums, that sandboxie needs to block low level hooks if it wants to protect against keyloggers)?
The only time you need to worry about keyloggers is if you are banking or shopping on-line. So just delete the contents in your browsers sandbox before you bank or shop.
Now if you worry that your keystrokes are being monitored while visiting this or any other goofy website then you could use "Zemana's AntiLogger - Free", but frankly, who cares what we are all blathering about on the internet. :wink:
Windows 7 Home Premium 64-bit
SandboxIE 5.2.1.2

Domochevsky
Posts: 125
Joined: Wed Jun 05, 2013 7:04 pm

Re: Sandboxie4 vs. Angler Exploit Kit...

Post by Domochevsky » Fri Oct 24, 2014 3:03 pm

BoredNow wrote:... but frankly, who cares what we are all blathering about on the internet. :wink:
...the NSA? Shady Advertisers? People who really want to hack into your machine? :wink:

Post Reply

Who is online

Users browsing this forum: No registered users and 0 guests