Discuss Can you get infected if sandboxie can access the internet?

Robbie

Robbie

Level 29
Verified
Content Creator
Malware Tester
I believe the only way to get infected would be if you share network folder between host and isolation mode. Just because a software can access itnernet in isolated way doesn't mean it can get you infected.
 
9

93803123

Hormoz said:
Can it somehow infect you via network if you test malware (just your average PC connected to the router)? If so, how are the chances?
Click to expand...
Sandboxie only protects your local system. Other systems can still be infected. Testing malware can result in a spread across your local area network (LAN), dependent upon the network access allowed in Sandboxie as well as the networking for the PC on which Sandboxie runs and the network access configuration for all other systems on the LAN.

With just a single PC connected to a router there is a risk that additional infection could happen. The how of it can be any of a number of ways. There is no way to quantify that risk, but the probability would be a relatively small number.
 
Last edited by a moderator:
H

Hormoz

New Member
zhuzhangspankspank said:
With just a single PC connected to a router there is a risk that additional infection could happen. The how of it can be any of a number of ways. There is no way to quantify that risk, but the probability would be a relatively small number.
Click to expand...
Does having a software firewall on your computer (windows firewall for example) enabled help? How are the chances if you disable that software firewall then, is it still small or does it get big?
Also how does all this apply to virtual machines like VirtualBox infecting the host system? Does a software firewall on the host system help? How are the chances without software firewall?
(This is all about a single system connected to a router by the way.)
 
blackice

blackice

Level 13
Verified
I believe the reason people in the hub use a VPN while testing is to isolate their internet connection from the local network. In that way no other systems on the local network would be affected. As for the sandboxie specifics I have no idea, but am curious to see the answer.
 
Last edited:
silversurfer

silversurfer

Level 53
Verified
Trusted
Content Creator
Malware Hunter
blackice said:
I believe the reason people in the hub use a VPN while testing is to isolate their internet connection from the local network. In that way no other systems on the local network would be affected. As for the sandboxie specifics I have no idea, but am curious to see the answer.
Click to expand...
There is more than one reason to use VPN for testing malware samples, Your ISP would be known about your testing activities sooner or later,
ISP are able to lock your internet connection for some weeks or something similar...
 
ichito

ichito

Level 6
Verified
Content Creator
There was an interresting discuss on Wilders about Bromium Lab's test of some sandbox technologies
www.wilderssecurity.com

Application Sandboxes: A pen-tester’s perspective

I’m excited to announce a new research report from Bromium Labs, written by myself and Rafal Wojtczuk. It ended up being far more comprehensive than we...
www.wilderssecurity.com www.wilderssecurity.com
Unfortunately original article is already not avaliable on BL page but here is the full report
and video presentation from Derbycon 2013
 
You must log in or register to reply here.

Similar threads

TheMalwareMaster
Q&A Smartphone security: testing if any app sends plain text content to the internet
0
TheMalwareMaster
TheMalwareMaster
R
Discuss Should you setup password on your (offline) Windows Account even if you have BitLocker on?
    • Like
4
DeepWeb
DeepWeb
Digmor Crusher
Discuss If you could pick only one program for protection.
    • Like
254
invictusphoenix
invictusphoenix