Q&A How can you secure folders based on these 3 requirements?

daos

New Member
Jul 28, 2021
7
I'm looking for a software that can assure that media files(videos,music,pictures) or executable files inside specific folders I make can:
1.not interact with the rest of the system/OS.
2.can not access the internet or network.
3.can not execute themselves in the background without my knowledge.

What options are there that fulfill those 3 requirements? Thank you!
 

silversurfer

Level 74
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
6,317

daos

New Member
Jul 28, 2021
7
Yes. i want something that works 24/7...Sandboxie doesn't really fit that use case.
By not interacting with the rest of the system/OS I mean that files/executables from secured folders can not modify any file that is part of Win10 OS itself.
 
Last edited:

Andy Ful

Level 72
Verified
Trusted
Content Creator
Dec 23, 2014
6,117
I'm looking for a software that can assure that media files(videos,music,pictures) or executable files inside specific folders I make can:
1.not interact with the rest of the system/OS.
2.can not access the internet or network.
3.can not execute themselves in the background without my knowledge.

What options are there that fulfill those 3 requirements? Thank you!
From the first point, it follows (if taken seriously) that you need another OS. So, the solution will be a Virtual Machine with a blocked network. :)

If I would guess your intentions, then you probably seek the software that can block access to the chosen folders. Next, you must combine this with opening some files by selected applications running in a sandbox with a blocked network - this can be done with ReHIPS, Comodo Firewall, or Sandboxie.
So, it can be done also without VM, but probably will be too complex for most people.
 
Last edited:

upnorth

Moderator
Verified
Staff member
Malware Hunter
Jul 27, 2015
4,438
Yeah probably easiest and most quick is the use of a VM, unless that ain't installed and setup properly and the OP knows how to etc. So called Air-gapped system is also a possible option on the host, but even those have recently been hacked by researchers. 🤷‍♂️
 

plat1098

Level 25
Verified
Sep 13, 2018
1,418
So called Air-gapped system is also a possible option on the host, but even those have recently been hacked by researchers.

What do you think about moving the data in question to another drive altogether and then encrypting it? (Bitlocker, VeraCrypt, etc)? Or does that present special challenges over top of the others concerns; ie: the 3 requirements OP listed in the first post.
 

daos

New Member
Jul 28, 2021
7
If I would guess your intentions, then you probably seek the software that can block access to the chosen folders.
1.files in those folders can not interact with the rest of the system/OS,meaning they can not modify/corrupt/infect OS files.
The potentially dangerous files are in those folders so i want to protect my OS and other hard drives from the files[possibly infected videos/music/pictures/executables (.exe)].
2.files in those folders can not access the internet or network.
3.files in those folders can not execute themselves in the background without my knowledge.
4.files in those folders are 24/7 following the requirements in 1-3 that i already outlined, no matter if i close my PC and open it again. I don't need to start back the service to enable their containment using the 3 requirements.


I clarified a bit what i want. What exact steps would you guys who already replied in this thread recommend?
 
Last edited:
  • Like
Reactions: Nevi and venustus

Andy Ful

Level 72
Verified
Trusted
Content Creator
Dec 23, 2014
6,117
1 2 3 all can do with ReHIPS
If I correctly recall, ReHIPS does not protect files in the folder from modifications. So, the files in the folder can be replaced, modified, and accessed by malware or used to exploit applications not isolated in ReHIPS. Furthermore, the malware can drop itself into the folder and run with Windows start.
So, ReHIPS must be combined with an application that can protect folders (see my previous post: Q&A - How can you secure folders based on these 3 requirements?).

1.files in those folders can not interact with the rest of the system/OS,meaning they can not modify/corrupt/infect OS files.
The potentially dangerous files are in those folders so i want to protect my OS and other hard drives from the files[possibly infected videos/music/pictures/executables (.exe)].
2.files in those folders can not access the internet or network.
3.files in those folders can not execute themselves in the background without my knowledge.
4.files in those folders are 24/7 following the requirements in 1-3 that i already outlined, no matter if i close my PC and open it again. I don't need to start back the service to enable their containment using the 3 requirements.


I clarified a bit what i want. What exact steps would you guys who already replied in this thread recommend?

You have got a few practical solutions here:
https://malwaretips.com/threads/how...ed-on-these-3-requirements.109305/post-953469
Another one is using OS in the cloud to store/run/open suspicious files.

Anyway, even a Virtual Machine can be bypassed in the theory to break any of your points. You cannot run something on the computer with Windows and be sure that point 1 will be fulfilled in 100%.
 

daos

New Member
Jul 28, 2021
7
"then you probably seek the software that can block access to the chosen folders."
You did not mention what you recommend for this.

Also for the person recommending Rehips..seems it has not been updated since 2018.

I know I could use a VM but for some of the apps i run that is way too slow so that is not an option.
 
Last edited:
  • Like
Reactions: Nevi and venustus

ItsReallyMe

Level 6
Dec 21, 2017
260
I'm looking for a software that can assure that media files(videos,music,pictures) or executable files inside specific folders I make can:
1.not interact with the rest of the system/OS.
2.can not access the internet or network.
3.can not execute themselves in the background without my knowledge.

What options are there that fulfill those 3 requirements? Thank you!
You can use Kaspersky Application Control and its firewall to configure that! and run in interactive mode.
 

Andy Ful

Level 72
Verified
Trusted
Content Creator
Dec 23, 2014
6,117
You can use Kaspersky Application Control and its firewall to configure that! and run in interactive mode.
It depends on the version. How will you protect the folder content against malware modifications and malware access? I think that an encrypted vault could be used for it (Kaspersky Total Security), but I did not test it.
 
Last edited:

harlan4096

Moderator
Verified
Staff member
Malware Hunter
Apr 28, 2015
7,354
 

JoyousBudweiser

Level 12
Verified
Aug 22, 2013
576
You can do that with comodo firewall. Use CS settings plus do the following....
1. Enable CS settings in containment.
2. Enable cloud lookup in file rating.
3. Select all vendor certificates in vendor list by ticking Vendor Tab.
Untitled-1.jpg
4. remove all and click "OK"
5. Now Go to settings>File List >Select all and click "look up". All files with legitimate certificate will be added automatically.
6. Disable the cloud lookup in file rating.
7. Now you can copy all those vulnerable "files" to the system. Everything except those files which were already in the file list will be automatically sandboxed if tried to run.
7. If you need to install anything just enable the cloud lookup in file rating for it and disable the same after installation.
 

Andy Ful

Level 72
Verified
Trusted
Content Creator
Dec 23, 2014
6,117
It seems that Protected Folders option does not include execution restrictions. If so, then the malware could still execute files in that folder. Furthermore, if the user allows opening a file from Protected Folder then the application which opens the file (media file, document, etc.) can still be exploited and the OS infected. I think that even using an encrypted vault in Kaspersky would be insufficient. The solution would be if the applications that have access to the Protected Folders, could run in the sandbox.
 
  • Like
Reactions: Nevi and venustus
Top