Hungry Man's Setup

[Hungry Man]

The plans I have for Sandboxie would include many sandboxes (sandboxes within sandboxes if possible) to basically isolate every application from every other application and then give restricted access to things such as my browser or IM client.

 

[Hungry Man]

Securing the whole system with Mamutu.

I'm assuming that all actions by programs that have "allow" next to them are legitimate and I'm explicitely denying all other actions by these programs. If a program is compromised or attacked it is limited to only what it can do in a legitimate situation.

IMO this is the best way to use Mamutu - to restrict applications already on the system.

 

[Hungry Man]

Paranoid Mode for a few days before I start blocking actions of system files like crss.exe.

 

[Hungry Man]

Apparently you can't block behaviors of whitelisted applications or monitor them or something like that... idk... talking to Mamutu about it now.

 

[Hungry Man]

So I'm currently reinstalling Java... this time by sandboxing the installers with Comodo as Partially Limited.

 

[Hungry Man]

Didn't work =\ for some reason it managed to install outside of the sandbox. Confusing...

 

[Ink]

So I'm currently reinstalling Java... this time by sandboxing the installers with Comodo as Partially Limited.

Didn't work =\ for some reason it managed to install outside of the sandbox. Confusing...

---

I'm confused. :blush:

You installed Java within the Comodo Sandbox?

 

[Hungry Man]

I tried to... I sandboxed the installer manually and ran it but it installed to my actual system and then it wouldn't run properly. Oh well.

 

[Hungry Man]

OK I've disabled the automatic detection of installers and I'm now attempting to reinstall Java into a sandbox.

Damn... it tries to sandbox it this time but the Windows Installer service gives an error =\

 

[Deleted member 178]

i dont need java actually, so im free from this potential vulnerability.

 

[Hungry Man]

I use it. It's definitely increasing the attack surface but I feel that EMET and Comodo's Limited sandbox really help.

I have personally tested Java exploits against it and nothing has touched my system.

Still, I'd like to really lock it down.

 

[Hungry Man]

I'm now using Comodo DNS on my router.

I may switch to Norton though. I like to use products from different companies, that way if for whatever reason a product is targeted my security is more layered.

 

[McLovin]

Tell me how you like Norton, because after once my Trend Micro expires I am switching.

 

[Hungry Man]

I'm using Norton's DNS right now (switched from Comodo's) but not their security suite.

I've seen better reviews of their DNS and Comodo's doesn't seem great.

 

[Hungry Man]

An example of how I use mamutu.[attachment=783]

Every other box is denied. Java still runs, but now if it's hijacked, it can't perform anything except for those two legitimate functions. Any other suspicious action is completely blocked.

 

[Deleted member 178]

well done, that is a minimum for java ^^

 

[Hungry Man]

Yes. I have many applications (all major vulnerabilities like Digsby, Mipony, Java and others) restricted like this.

These are restrictions that I feel really make the program useless to a hacker. I can't account for vulnerabilities, if someone were to attack me somehow through Java I'm not going to bet on EMET but what I can do is "damage control" by limited Java in every possible way with Mamutu.

 

[jamescv7]

Good configuration, that will be high restricted.

 

[Deleted member 178]

i can say that Hungry is as "rationally paranoid" as me

 

[Hungry Man]

=p I honestly don't see why I wouldn't lock my computer down. I don't use anything that uses lots of resources and it's very effective. I have the best setup for my needs and usage.