Robbie

Level 29
Verified
Content Creator
Malware Tester
I believe the only way to get infected would be if you share network folder between host and isolation mode. Just because a software can access itnernet in isolated way doesn't mean it can get you infected.
 
9

93803123

Can it somehow infect you via network if you test malware (just your average PC connected to the router)? If so, how are the chances?
Sandboxie only protects your local system. Other systems can still be infected. Testing malware can result in a spread across your local area network (LAN), dependent upon the network access allowed in Sandboxie as well as the networking for the PC on which Sandboxie runs and the network access configuration for all other systems on the LAN.

With just a single PC connected to a router there is a risk that additional infection could happen. The how of it can be any of a number of ways. There is no way to quantify that risk, but the probability would be a relatively small number.
 
Last edited by a moderator:

Hormoz

New Member
With just a single PC connected to a router there is a risk that additional infection could happen. The how of it can be any of a number of ways. There is no way to quantify that risk, but the probability would be a relatively small number.
Does having a software firewall on your computer (windows firewall for example) enabled help? How are the chances if you disable that software firewall then, is it still small or does it get big?
Also how does all this apply to virtual machines like VirtualBox infecting the host system? Does a software firewall on the host system help? How are the chances without software firewall?
(This is all about a single system connected to a router by the way.)
 

blackice

Level 13
Verified
I believe the reason people in the hub use a VPN while testing is to isolate their internet connection from the local network. In that way no other systems on the local network would be affected. As for the sandboxie specifics I have no idea, but am curious to see the answer.
 
Last edited:

silversurfer

Level 53
Verified
Trusted
Content Creator
Malware Hunter
I believe the reason people in the hub use a VPN while testing is to isolate their internet connection from the local network. In that way no other systems on the local network would be affected. As for the sandboxie specifics I have no idea, but am curious to see the answer.
There is more than one reason to use VPN for testing malware samples, Your ISP would be known about your testing activities sooner or later,
ISP are able to lock your internet connection for some weeks or something similar...
 

ichito

Level 6
Verified
Content Creator
There was an interresting discuss on Wilders about Bromium Lab's test of some sandbox technologies
Unfortunately original article is already not avaliable on BL page but here is the full report
and video presentation from Derbycon 2013