Can you get infected if sandboxie can access the internet?

RoboMan

Level 34
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,399
I believe the only way to get infected would be if you share network folder between host and isolation mode. Just because a software can access itnernet in isolated way doesn't mean it can get you infected.
 
9

93803123

Can it somehow infect you via network if you test malware (just your average PC connected to the router)? If so, how are the chances?

Sandboxie only protects your local system. Other systems can still be infected. Testing malware can result in a spread across your local area network (LAN), dependent upon the network access allowed in Sandboxie as well as the networking for the PC on which Sandboxie runs and the network access configuration for all other systems on the LAN.

With just a single PC connected to a router there is a risk that additional infection could happen. The how of it can be any of a number of ways. There is no way to quantify that risk, but the probability would be a relatively small number.
 
Last edited by a moderator:

Hormoz

New Member
Thread author
Oct 3, 2019
9
With just a single PC connected to a router there is a risk that additional infection could happen. The how of it can be any of a number of ways. There is no way to quantify that risk, but the probability would be a relatively small number.

Does having a software firewall on your computer (windows firewall for example) enabled help? How are the chances if you disable that software firewall then, is it still small or does it get big?
Also how does all this apply to virtual machines like VirtualBox infecting the host system? Does a software firewall on the host system help? How are the chances without software firewall?
(This is all about a single system connected to a router by the way.)
 

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,731
I believe the reason people in the hub use a VPN while testing is to isolate their internet connection from the local network. In that way no other systems on the local network would be affected. As for the sandboxie specifics I have no idea, but am curious to see the answer.
 
Last edited:

silversurfer

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
I believe the reason people in the hub use a VPN while testing is to isolate their internet connection from the local network. In that way no other systems on the local network would be affected. As for the sandboxie specifics I have no idea, but am curious to see the answer.
There is more than one reason to use VPN for testing malware samples, Your ISP would be known about your testing activities sooner or later,
ISP are able to lock your internet connection for some weeks or something similar...
 

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,731
There is more than one reason to use VPN for testing malware samples, Your ISP would be known about your testing activities sooner or later,
ISP are able to lock your internet connection for some weeks or something similar...
Good point, I hadn’t considered that. They probably don’t want volumes of malware wandering through their network. :p
 

ichito

Level 11
Verified
Top Poster
Content Creator
Well-known
Dec 12, 2013
541
There was an interresting discuss on Wilders about Bromium Lab's test of some sandbox technologies
Unfortunately original article is already not avaliable on BL page but here is the full report
and video presentation from Derbycon 2013
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top