Advice Request Can't download any file while Chrome is sandboxed

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.
G

Glynn

Level 2
Thread author
Verified
Aug 16, 2017
67
Hello Everyone

This is my first post. As the title says, i can not download any file from the internet when Chrome is in Comodo's containment(sandbox). The "save as" window does not appear. Everything works 100% when Chrome is launched normally. I have comodo firewall 10.0.1.6258 installed and all settings @cs.
 
cruelsister

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
Glynn- Go to Firewall settings, then into Application Rules.

1). Then find Chrome and check the box next to it
2). Click on Edit
3). Click "Use a RuleSet" and choose Web Browser.

Try it then...
 
Last edited:
G

Glynn

Level 2
Thread author
Verified
Aug 16, 2017
67
Hello cruelsister, i tried it, but it still does not work

Ok, i disabled the firewall module of comodo and it still does the same thing, :(

I changed the ruleset from web browser to allowed application, still nothing
 
Last edited:
cruelsister

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
With the Firewall disabled, nothing should be blocked, so I am at a loss. But I don't as a rule suggest that the browser be sandboxed anyway (any exploit you happen upon would be picked up by Containment). So try this - Uninstall Chrome and then reinstall. Try it outside of containment and see if it works properly.

If it does, then sandbox it and set it in Firewall as Browser.
 
G

Glynn

Level 2
Thread author
Verified
Aug 16, 2017
67
Ok, i'll try the uninstallation of chrome, BUT downloading files already work normally(the "save as" window appears) when chrome is ran unsandboxed. I am trying to get the sandbox to work like sandboxie, where i can download a file in chrome sandboxed and save it directly to the real downloads folder. Thank you for the help
 
FleischmannTV

FleischmannTV

Level 7
Verified
Honorary Member
Well-known
Jun 12, 2014
314
Every time I read that somebody runs Chrome inside Sandboxie or Comodo "sandbox" I want to kill myself. You won't run into a combination of a 0-day exploit + sandbox escape for Chrome, ever. You are just not worth it. And if you ever won the lottery on that ticket, your buggy fake security software won't help you either. If people waste million-dollar exploits on you, you don't think they'll have a couple of bugs spared for that digital certificate from Comodo? Or they'll just use a stolen credit card for that :D

Sandbox
 
  • Like
Reactions: Tiny, mlnevese and frogboy
G

Glynn

Level 2
Thread author
Verified
Aug 16, 2017
67
Hello FleishmannTV

Thanks for your input, at the moment i have sandboxie 5.20, hitmanpro.alert 3.6.7 build 604 and comodo firewall 10.0.1.6258 installed, so does that mean i can remove sandboxie because comodo would do sandboxie's job?

edit: hitmanpro.alert is the freeware version after the trial expired
 
FleischmannTV

FleischmannTV

Level 7
Verified
Honorary Member
Well-known
Jun 12, 2014
314
S A R C A S M

In order to be secure you need this:

1. Anti-Executable/SRP-Baseline:
  • NoVirusThanks EXE Radar Pro
  • VoodooShield
  • AppGuard
  • SmartObjectBlocker
You'll need all them in case one catches what the other one misses.

2. Isolation/Virtualization-Baseline:
  • ShadowDefender
  • ReHIPS
  • Sandboxie
  • RAMDisk
  • Comodo Firewall
You'll need to install ReHIPS inside Sandboxie or force ReHIPS's services in Sandboxie. In case something escapes ReHIPS, it will be contained inside Sandboxie. In addition, have all Sandboxie services guarded by AppGuard, in case something escapes Sandboxie. Sandboxie container folder and ReHIPS user folders should be located on RAMDisk at all times. Anything that escapes that should be caught by Comodo containment in the end. Should all of that fail, ShadowMode will remove all changes after a simple reboot.

3. HIPS Baseline (optional)
  • Comodo Firewall HIPS on Paranoid
  • ESET HIPS on Interactive Mode without enabling Learning Mode first
This setup should alert to you every action on your setup. Be prepared to click yes 5.000 times per second or otherwise you'll fall behind. Not really for security, but some people just need to know what's going on on their system.

4. Anti-Exploit Baseline
  • Hitman.Pro.Alert (licensed)
  • Malwarebytes Anti-Exploit (MBAE)
HMP.Alert will protect against vulnerabilities in your browser, office or multimedia applications. In addition, add all services of the aforementioned security softwares to HMP.Alert's protection, too, in order to protect against vulnerabilities introduced by security software. Since Alert cannot protect itself against exploits, you'll need to protect it with MBAE.

5. Anti-Ransomware Baseline (optional)
  • Kaspersky Anti-Ransomware
  • Malwarebytes Anti-Ransomware
  • Bitdefender Anti-Ransomware
  • RansomOFF
  • RanStop
  • RansomFree
Since no Anti-Ransom-Soft can detect all ransomware samples, redundancy is key.

6. Online-Banking/payment protection

It is paramount to use an online banking protection secure browser like in Kaspersky or ESET Internet Security. The secure browser will also be strengthened by HMP.Alert's intruder detection.

------------------------

Now, in case my sledgehammer-sarcasm has once more proofed to be too subtle, this post was pure 100%:


S A R C A S M
 
  • Like
Reactions: Sunshine-boy, Tiny and mlnevese
5

509322

FleischmannTV said:
S A R C A S M

In order to be secure you need this:

1. Anti-Executable/SRP-Baseline:
  • NoVirusThanks EXE Radar Pro
  • VoodooShield
  • AppGuard
  • SmartObjectBlocker
You'll need all them in case one catches what the other one misses.

2. Isolation/Virtualization-Baseline:
  • ShadowDefender
  • ReHIPS
  • Sandboxie
  • RAMDisk
  • Comodo Firewall
You'll need to install ReHIPS inside Sandboxie or force ReHIPS's services in Sandboxie. In case something escapes ReHIPS, it will be contained inside Sandboxie. In addition, have all Sandboxie services guarded by AppGuard, in case something escapes Sandboxie. Sandboxie container folder and ReHIPS user folders should be located on RAMDisk at all times. Anything that escapes that should be caught by Comodo containment in the end. Should all of that fail, ShadowMode will remove all changes after a simple reboot.

3. HIPS Baseline (optional)
  • Comodo Firewall HIPS on Paranoid
  • ESET HIPS on Interactive Mode without enabling Learning Mode first
This setup should alert to you every action on your setup. Be prepared to click yes 5.000 times per second or otherwise you'll fall behind. Not really for security, but some people just need to know what's going on on their system.

4. Anti-Exploit Baseline
  • Hitman.Pro.Alert (licensed)
  • Malwarebytes Anti-Exploit (MBAE)
HMP.Alert will protect against vulnerabilities in your browser, office or multimedia applications. In addition, add all services of the aforementioned security softwares to HMP.Alert's protection, too, in order to protect against vulnerabilities introduced by security software. Since Alert cannot protect itself against exploits, you'll need to protect it with MBAE.

5. Anti-Ransomware Baseline (optional)
  • Kaspersky Anti-Ransomware
  • Malwarebytes Anti-Ransomware
  • Bitdefender Anti-Ransomware
  • RansomOFF
  • RanStop
  • RansomFree
Since no Anti-Ransom-Soft can detect all ransomware samples, redundancy is key.

6. Online-Banking/payment protection

It is paramount to use an online banking protection secure browser like in Kaspersky or ESET Internet Security. The secure browser will also be strengthened by HMP.Alert's intruder detection.

------------------------

Now, in case my sledgehammer-sarcasm has once more proofed to be too subtle, this post was pure 100%:


S A R C A S M
Click to expand...

@FleischmannTV

For 6., I would have thought you would say use Linux Tails or one of the banking specific Linux distro Live CDs or usb

And no RedSocks network appliance ?

You pretty much paint an accurate picture of the security forum "paranoia." Whether it is ignorance, a sickness, one-upmanship, or something in-between, let Sigmund Freud sort it out.

People that start out trying to craft the "impenetrable fortress" usually adopt a different strategy over time.
 
Last edited by a moderator:
  • Like
Reactions: Tiny and mlnevese
Status
Not open for further replies.

Similar threads

silversurfer
    • Like
New Update Chrome is making it easier to keep track of browser tabs
Replies
1
Views
301
Chrome & Chromium
Bot
Bot
silversurfer
    • Wow
    • Like
Hot Take A bug in Word deletes documents instead of saving them
Replies
2
Views
195
Office, email and business apps
Gandalf_The_Grey
Gandalf_The_Grey
Trustless
    • +Reputation
  • Locked
Trouble Removing a Chrome Redirecting Type Malware/Adware
Replies
4
Views
631
Windows Malware Removal Help & Support
nasdaq
nasdaq

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top