Hungry Man's Setup

Hungry Man

New Member
Thread author
Jul 21, 2011
669
The plans I have for Sandboxie would include many sandboxes (sandboxes within sandboxes if possible) to basically isolate every application from every other application and then give restricted access to things such as my browser or IM client.
 

Hungry Man

New Member
Thread author
Jul 21, 2011
669
Securing the whole system with Mamutu.

I'm assuming that all actions by programs that have "allow" next to them are legitimate and I'm explicitely denying all other actions by these programs. If a program is compromised or attacked it is limited to only what it can do in a legitimate situation.

IMO this is the best way to use Mamutu - to restrict applications already on the system.
 

Hungry Man

New Member
Thread author
Jul 21, 2011
669
Paranoid Mode for a few days before I start blocking actions of system files like crss.exe.
 

Hungry Man

New Member
Thread author
Jul 21, 2011
669
Apparently you can't block behaviors of whitelisted applications or monitor them or something like that... idk... talking to Mamutu about it now.
 

Hungry Man

New Member
Thread author
Jul 21, 2011
669
So I'm currently reinstalling Java... this time by sandboxing the installers with Comodo as Partially Limited.
 

Hungry Man

New Member
Thread author
Jul 21, 2011
669
Didn't work =\ for some reason it managed to install outside of the sandbox. Confusing...
 

Ink

Administrator
Verified
Jan 8, 2011
22,490
Hungry Man said:
So I'm currently reinstalling Java... this time by sandboxing the installers with Comodo as Partially Limited.

Hungry Man said:
Didn't work =\ for some reason it managed to install outside of the sandbox. Confusing...



I'm confused. :blush:

You installed Java within the Comodo Sandbox?
 

Hungry Man

New Member
Thread author
Jul 21, 2011
669
I tried to... I sandboxed the installer manually and ran it but it installed to my actual system and then it wouldn't run properly. Oh well.
 

Hungry Man

New Member
Thread author
Jul 21, 2011
669
OK I've disabled the automatic detection of installers and I'm now attempting to reinstall Java into a sandbox.

Damn... it tries to sandbox it this time but the Windows Installer service gives an error =\
 
D

Deleted member 178

i dont need java actually, so im free from this potential vulnerability.
 

Hungry Man

New Member
Thread author
Jul 21, 2011
669
I use it. It's definitely increasing the attack surface but I feel that EMET and Comodo's Limited sandbox really help.

I have personally tested Java exploits against it and nothing has touched my system.

Still, I'd like to really lock it down.
 

Hungry Man

New Member
Thread author
Jul 21, 2011
669
I'm now using Comodo DNS on my router.

I may switch to Norton though. I like to use products from different companies, that way if for whatever reason a product is targeted my security is more layered.
 

McLovin

Level 78
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,228
Tell me how you like Norton, because after once my Trend Micro expires I am switching.
 

Hungry Man

New Member
Thread author
Jul 21, 2011
669
I'm using Norton's DNS right now (switched from Comodo's) but not their security suite.

I've seen better reviews of their DNS and Comodo's doesn't seem great.
 

Attachments

  • Capture.PNG
    Capture.PNG
    4 KB · Views: 547

Hungry Man

New Member
Thread author
Jul 21, 2011
669
An example of how I use mamutu.[attachment=783]

Every other box is denied. Java still runs, but now if it's hijacked, it can't perform anything except for those two legitimate functions. Any other suspicious action is completely blocked.
 

Attachments

  • Capture.PNG
    Capture.PNG
    36.7 KB · Views: 582

Hungry Man

New Member
Thread author
Jul 21, 2011
669
Yes. I have many applications (all major vulnerabilities like Digsby, Mipony, Java and others) restricted like this.

These are restrictions that I feel really make the program useless to a hacker. I can't account for vulnerabilities, if someone were to attack me somehow through Java I'm not going to bet on EMET but what I can do is "damage control" by limited Java in every possible way with Mamutu.
 

Hungry Man

New Member
Thread author
Jul 21, 2011
669
=p I honestly don't see why I wouldn't lock my computer down. I don't use anything that uses lots of resources and it's very effective. I have the best setup for my needs and usage.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top