Protect your system whilst browsing the internet
<blockquote data-quote="Deleted member 21043" data-source="post: 398828"><p><span style="font-size: 12px">Hello everyone!</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">Today I am going to give you a method of securing your system whilst browsing the internet. For this thread, I will be using the sandboxing software, Sandboxie, and explain how sandboxing your browser protects your system.</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 15px"><u><strong>1. Why sandboxing your browser is a good idea</strong></u></span></p><p><span style="font-size: 12px">- If you download a suspicious application, you can have it executed in the sandbox with a few clicks.</span></p><p><span style="font-size: 12px">- If you get infected by a drive-by download (of course without being aware of it occurring), the sandbox will be compromised as opposed to it affecting your real system/your documents, and then you can reset the sandbox and go back to normal.</span></p><p><span style="font-size: 12px">- If you download malicious software (e.g. rootkit, ransomware, bootkit, trojan downloader) and run it, everything will happen inside of the sandbox instead of affecting your real system. This is really good, as it allows you to see how a program behaves before allowing it non-virtualized. </span></p><p><span style="font-size: 12px">- If you get infected by a keylogger on your main system (without being aware, if you were aware of course you'd get the infection cleaned), it won't be able to access information from the browser which is being sandboxed.</span></p><p></p><p><span style="font-size: 15px"><u><strong>2. How to install Sandboxie</strong></u></span></p><p><span style="font-size: 12px">Before you can install Sandboxie, you need to download the installer. 
You can do so by navigating to the official website and downloading it: <a href="http://www.sandboxie.com/index.php?DownloadSandboxie" target="_blank">http://www.sandboxie.com/index.php?DownloadSandboxie</a> <a href="http://www.sandboxie.com/index.php?AllVersions" target="_blank">http://www.sandboxie.com/index.php?AllVersions</a></span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">You'll need to download the correct version depending on if you're on a 32-bit or 64-bit version of Windows.</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">After the installer has downloaded, open it up. <strong>**It will require administrator privileges to run, you'll be required to confirm the UAC popup if you have UAC enabled**.</strong></span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">After confirming the UAC alert, Sandboxie should present the first stage of the installer which is choosing the language out of the supported languages. Once you have finished setting your language, click OK. The License Agreement will then be displayed, make sure to read through it; reading through the License Agreements/Privacy Policies of security software is very important. If you are happy with the License Agreement, you can click 'I Agree'. Sandboxie will then allow you to configure the directory Sandboxie will be installed to, I recommend leaving the path as the default one. After you have finished with that step, Sandboxie will proceed to install. 
</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">Once installation has completed, you have a very important stage to complete - <strong>installing and activating the Sandboxie Kernel-Mode driver (Sandboxie names it "system-level").</strong> <u>I recommend you temporarily disable any other security software you have active currently, because they may interfere with the process and block the loading of the driver.</u> </span></p><p></p><p><span style="font-size: 12px">In the below spoiler, I have made a screenshot and scaled it down for you to see what the installer now looks like for me for this stage:</span></p><p><span style="font-size: 12px">[SPOILER]</span></p><p><span style="font-size: 12px"><img src="http://snag.gy/Rz8Ff.jpg" alt="" class="fr-fic fr-dii fr-draggable " style="" /> </span></p><p><span style="font-size: 12px">[/SPOILER]</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">Select '<strong>Next ></strong>'. If it's a success, you'll be presented the finished stage view. You can now exit out of the installer, installation has completed successfully.</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">After installation has finished, when Sandboxie is opened/opens up, you'll be prompted with a software compatibility list. 
The way it works is Sandboxie will try to enhance compatibility between the programs in the list (if possible).</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">[SPOILER="Screenshot"]</span></p><p><span style="font-size: 12px"><img src="http://snag.gy/HZcGU.jpg" alt="" class="fr-fic fr-dii fr-draggable " style="" /> </span></p><p><span style="font-size: 12px">[/SPOILER]</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">Since I do not mind, I am going to hit OK, enhancing compatibility with the items in the list.</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">The Sandboxie tutorial window should now open, you can go through these steps, read the information shown on the window since it can help you.</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 15px"><u><strong>3. How to sandbox your browser using Sandboxie</strong></u></span></p><p><span style="font-size: 12px">When you were setting up Sandboxie, a desktop shortcut should have been made by Sandboxie, with the filename, "Sandboxed Web Browser". The target path for the shortcut (for me) would be: <strong>"C:\Program Files\Sandboxie\Start.exe" default_browser</strong></span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px"><strong><img src="http://snag.gy/XvL8z.jpg" alt="" class="fr-fic fr-dii fr-draggable " style="" /> </strong></span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">Open up the shortcut (double click/right click > Open) and the default web browser should be executed in the Sandbox.</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">My default browser on my system is Firefox, therefore Firefox was executed in the Sandbox when I opened the shortcut up. 
If you run a program in the Sandbox, you may notice the yellow border around the application - this represents that the program is being sandboxed:</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">[SPOILER="Screenshot"]</span></p><p><span style="font-size: 12px"><img src="http://snag.gy/5zpfR.jpg" alt="" class="fr-fic fr-dii fr-draggable " style="" /> </span></p><p><span style="font-size: 12px">[/SPOILER]</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">If you wish to sandbox a different browser installed on your system (or if you misplaced the desktop shortcut), you can open Sandboxie via the System Tray icon (double click it). </span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px"><img src="http://snag.gy/u1DWF.jpg" alt="" class="fr-fic fr-dii fr-draggable " style="" /> </span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">From the Sandboxie main window, go to <strong>Sandbox > DefaultBox > Run Sandboxed > Run Any Program</strong></span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">[SPOILER="Screenshot"]</span></p><p><span style="font-size: 12px"><img src="http://snag.gy/t0Yxv.jpg" alt="" class="fr-fic fr-dii fr-draggable " style="" /> </span></p><p><span style="font-size: 12px">[/SPOILER]</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">A new window will be displayed. 
Enter the path to the executable you wish to run sandboxed, I will put the path to Google Chrome (for my system).</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">[SPOILER="Screenshot"]</span></p><p><span style="font-size: 12px"><img src="http://snag.gy/Bl5nK.jpg" alt="" class="fr-fic fr-dii fr-draggable " style="" /> </span></p><p><span style="font-size: 12px">[/SPOILER]</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">Once you have entered the path to the executable you wish to run sandboxed, click OK.</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">Google Chrome now launches in the Sandbox.</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">We can see it's running in the sandbox from the main window, it's listed:</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">[SPOILER="Screenshot"]</span></p><p><span style="font-size: 12px"><img src="http://snag.gy/pAagD.jpg" alt="" class="fr-fic fr-dii fr-draggable " style="" /> </span></p><p><span style="font-size: 12px">[/SPOILER]</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">When you are finished with the Sandbox, you can Empty the can 'Delete Contents'. The option is under <strong>Sandbox > DefaultBox.</strong> After this, if you'd like, you can Delete Sandbox (also under <strong>Sandbox > DefaultBox</strong>). 
You can access the dropdown menu from right click on the system-tray icon, also.</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">You can terminate a program running in the sandbox by right clicking on the item in the programs list and selecting 'Terminate Program' option or by using <strong>Sandbox > DefaultBox > Terminate Programs </strong>option.</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">Anything that happens now regarding the browser will occur in the Sandbox. If you get infected via drive-by-downloads, it will all be inside of the sandbox. However, exploits are possible; it's technically possible for an exploit to allow malware to escape the sandbox. However, there are currently no known exploits for Sandboxie and the development team for the product are extremely intelligent, hardworking and quick to fix bugs so hopefully there won't be an issue anytime soon.</span></p><p><span style="font-size: 12px"></span></p><p><strong><u><span style="font-size: 15px">4. Warnings</span></u></strong></p><p><span style="font-size: 12px">- <strong><span style="color: #b30000">Data theft can still occur in the sandbox!</span></strong> (If you run malware in the sandbox, it can steal data from the web browser being sandboxed).</span></p><p><span style="font-size: 12px">- Sandbox uses a kernel-mode driver - <strong>if there is an issue with it, it can cause BSOD crashes.</strong></span></p><p><span style="font-size: 12px">- Some software/malware is Anti-VM/Anti-Sandbox, meaning it may attempt to trick you by pretending to do no harm but then when used on a real, non-virtualized environment, it causes harm to the system/user's documents.</span></p><p><span style="font-size: 12px">- If the sandbox isn't set up correctly, and the sandbox is infected, it can still steal. 
Make sure to block off directories from access.</span></p><p><span style="font-size: 12px">- Make sure programs in the sandbox cannot access directories like C:\Windows.</span></p><p><span style="font-size: 12px"></span></p><p><span style="font-size: 12px">Cheers. ;)</span></p></blockquote><p></p>
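The warnings in the post ask that sandboxed programs be blocked from sensitive directories. As an added example (not part of the original post, and not Sandboxie's own code), this Python script audits Sandboxie.ini text for that: it lists the directories that no `ClosedFilePath` rule covers for every program in a box. The sample configuration, the paths and the simplified prefix matching are assumptions made for the illustration.

```python
from pathlib import PureWindowsPath

# Constructed Sandboxie.ini content; box names and paths are placeholders.
SAMPLE_INI = r"""
[DefaultBox]
Enabled=y
ClosedFilePath=C:\Users\alice\Documents\
ClosedFilePath=firefox.exe,D:\Backups\
ClosedFilePath=E:\Vault\*

[TestBox]
Enabled=y
"""


def box_settings(ini_text, box):
    """Return (key, value) pairs of one [box] section, keeping repeated keys."""
    pairs, current = [], None
    for raw in ini_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].lower()
        elif current == box.lower() and "=" in line:
            key, value = line.split("=", 1)
            pairs.append((key.strip().lower(), value.strip()))
    return pairs


def closed_for_all(pairs):
    """ClosedFilePath directories that apply to every program in the box."""
    rules = []
    for key, value in pairs:
        if key != "closedfilepath":
            continue
        if "," in value:
            # "program.exe,path" limits the rule to one program: not a blanket block.
            continue
        path = value.rstrip("*")
        if "*" in path:
            # Embedded wildcards are outside this simplified check.
            continue
        rules.append(PureWindowsPath(path))
    return rules


def uncovered(ini_text, box, must_block):
    """Directories in must_block with no covering all-program rule in the box."""
    rules = closed_for_all(box_settings(ini_text, box))
    missing = []
    for directory in must_block:
        target = PureWindowsPath(directory)
        # Assumption: a rule covers its own directory and everything below it.
        if not any(r == target or r in target.parents for r in rules):
            missing.append(directory)
    return missing


WANTED = [r"C:\Users\alice\Documents\Tax", r"D:\Backups",
          r"E:\vault\keys", r"C:\Users\alice\Desktop"]

if __name__ == "__main__":
    for box in ("DefaultBox", "TestBox"):
        print(box, "leaves readable:", uncovered(SAMPLE_INI, box, WANTED))
```

A rule that names a single program, like the `firefox.exe` line in the sample, still leaves the directory readable to anything else that ends up running in the same box, which is why the audit does not count it.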