virtualbox running inside sandboxie

View previous topic View next topic Go down

virtualbox running inside sandboxie

Post by jna90 on 17/8/2011, 01:30

ok, in the event of overdoing it a bit. I have an interesting installment, but I'm not sure about it's overall security. I will explain. Please read very carefully as this gets a bit confusing if you read too fast

1. my main operating system is Windows 7 64-bit with 8 gig of ram. (which is a big help in this particular case).
2. I'm running sandboxie 3.57.05 (64-bit) (beta version because cmd.exe didn't behave properly in the stable 64-bit release, which the stable release lets you know inside a window)
3. I run Oracle VirtualBox (4.1.0 r73009) inside sandboxie.
4. inside the sandboxie, which is inside virtualbox, I have Windows 7 32-bit running.
5. inside the windows 7 32-bit I have installed sandboxie again.
6. browsing the internet inside sandboxie which runs in windows 7 32-bit, which runs in virtualbox, which in turn runs inside sandboxie which runs in windows 7 64-bit.
7. sounds more complicated than it actually is.. everything is running smoothly and my browser is very responsive.
8. I've assigned about 3 gig of ram to the windows 7 32-bit inside the virtualbox and have 2d/3d graphics enabled which uses 256 mb of virtual ram.
9. I hope I make sense here and just experimenting a bit with what's possible with Sandboxie.

I just love sandboxie, for such a small program it can do big things if you're careful with all the settings that are possible.

in short: I run windows 32-bit inside sandboxed virtualbox inside windows 64-bit. (very short indeed).

Anyway, It runs quite allright for browsing and light computer work, but I've not stress tested really, can't say if cpu intensive programs will run smoothly or not. But that's not my main concern, i just want to browse on the net.

Also I've installed in both windows (malwarebytes, comodo firewall/defense+, kaspersky antivirus, KeyScrambler from QFX).

A bit extreme ? yes, but I've put this thread in 'Other' because this particular setup is maybe a bit unusual I suppose. Btw, I have two physical monitors connected to my real graphics card (nvidia GTX 460), so I can see windows 7 64-bit on the left and 32-bit on the right monitor.
I've also installed linux xubuntu inside virtualbox and can use linux to browse the net inside windows 64-bit.

Cheers,
Jna90.

[EDIT] I forgot to mention that my physical network card is connected to a router which is connected to a cable modem (DHCP). Every VM running inside virtualbox has Bridged networking. The router gives each virtual os its own address. starting at 10.10.10.101. my real physical network connection has always 10.10.10.100 [/EDIT]


Last edited by jna90 on 17/8/2011, 01:57; edited 1 time in total (Reason for editing : extra info)

jna90
Member
Member

Posts : 36
Join date : 2011-07-20
Age : 43
Location : Amsterdam, The Netherlands

View user profile

Back to top Go down

Re: virtualbox running inside sandboxie

Post by jna90 on 17/8/2011, 12:20

here some pictures:







What a Face clown

jna90
Member
Member

Posts : 36
Join date : 2011-07-20
Age : 43
Location : Amsterdam, The Netherlands

View user profile

Back to top Go down

Re: virtualbox running inside sandboxie

Post by ssj100 on 17/8/2011, 15:27

I understand what you're doing. However, even I think it's a bit "overkill" haha. It might be worth doing that when you are purposefully testing malware - I used to pretty much do that back in the days when I actively tested live malware/POCs of all kinds.

Anyway, Sandboxie is certainly an amazing application. VirtualBox is great too.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: virtualbox running inside sandboxie

Post by jna90 on 17/8/2011, 15:55

Indeed, I do agree with you and see that I overdo it a bit.
This kind of virtual setup is in my opinion only advisable if your host system is 64-bit + 8 gig of ram and preferably a 2 core or more core cpu.
that way you can distribute cores and memory. Ideally quad core cpu is best I think.
2 cores for your host operating system and 2 cores for the guest operating system.
and divide your memory in half.. my host OS doesn't use more than 4 gigs usually, so that would be okay.
4 gigs host, 4 gigs guest (or 3 even, because 32-bit doesn't see the full 4 gig).

Anyway, I am tinkering about a bit and for me it works.
In terms of security it is quite sturdy in my opinion, but overall system resources are cut in half on the real host OS, basically.

However, I can play World of warcraft with 60fps just fine while at the same time have windows 32 in sandboxed virtualbox.
But that is because I got a decent video card as well and that helps a lot too. got 2 gigs of ram on the graphics card.

All in all I overdo it here, but sometimes I tend to get a littlebit unsecure about how secure my system is, but it is all a state of mind I think.
Also a reason to visit this excellent forum or sandboxie forum to confirm or rethink your own suspicions or doubts about security and virtual environments. Sometimes one needs confirmation about the settings you try out or what other people think about it.

Talking about paranoid.. Razz .. ehmm I sometimes use the 'paranoid' setting in Comodo defense+.
Even when nothing 'bad' happens it is a great tool to see what processes or programs are accessing to.

Anyway, thanks for your comment SSJ100. much appreciated.
I'll see what I can come up with another time or contribute to some subjects discussed on this forum.

However it turns out, I'm sure to check this forum frequently, I love your approach and explanations about various security issues.



jna90
Member
Member

Posts : 36
Join date : 2011-07-20
Age : 43
Location : Amsterdam, The Netherlands

View user profile

Back to top Go down

Re: virtualbox running inside sandboxie

Post by tnegjm on 17/8/2011, 23:48

I have run my VMware like that before and still do when I'm testing. I originally read about Farmerlee doing this as a daily setup over at Wilders. I'm at the point where I trust a hardened Sandboxie so much that I run my daily usage and browsing in my host machine. I run MBAM and Avira for fun every now and then Very Happy . I like your idea of using two monitors for each o/s. Now if only VMWare could support USB 3.0.

Some links on this subject.
Farmerlee Link and Link2
KulAid's Security by Isolation Link
VMware For Security Link

tnegjm
Member
Member

Posts : 37
Join date : 2010-04-20

View user profile

Back to top Go down

Re: virtualbox running inside sandboxie

Post by jna90 on 18/8/2011, 23:13

Indeed tnegjm.
I must admit that I should be reading a lot more at wilders forum.
I spent to little time there, but it is a great forum.
Quite literally 'great' as in the amount of subjects/threads.
Thanks for the links ! much appreciated !

I also have a purchased copy of VMware Workstation 7.
I'm going to use vmware as well.

What do I have currently running on my system.. my systray at this moment Razz


And all of the programs work very well together thus far.. haven't come across any problems (yet), but I've read from other sources/people that these programs should work well together.

To clarify the icons in systray (left to right):
1. pc tools threatfire (although I'm in doubt if this IPS program does its job very well, have heard some dissapointing results about it). I use the free version without anti-virus.

2. sandboxie

3. Hypersnap (still my favority snapshot program, even though there might be better programs, I use it for many years)

4. malwarebytes (I think that this program is the only one that almost everyone uses, whatever the environment or OS)

5. Comodo firewall and Defense+ (free version without Anti-virus).
I think that the comodo firewall/defense+ is very good, in my own personal opinion and what I've read in reviews about it by other people.

6. Kaspersky AV 2011 (well actually I purchased the Internet Security 2011 but disabled the firewall. and once you disable it, it stays disabled. it's not automatically enabled again with every reboot if you have chosen to permanently disable it, which is a plus for me)
Kaspersky's firewall is for me a bit unclear in setting up. I don't have the feeling that I am in full control of how the firewall operates.

7. KeyScrambler from QFX (free version).

8. SuperAntiSpyware (SAS) .. on demand, i have the free version.

And the rest of the icons are not of any importance, well not for security I mean.


Last edited by jna90 on 18/8/2011, 23:40; edited 1 time in total (Reason for editing : extra explanation about systray icons)

jna90
Member
Member

Posts : 36
Join date : 2011-07-20
Age : 43
Location : Amsterdam, The Netherlands

View user profile

Back to top Go down

Re: virtualbox running inside sandboxie

Post by kjdemuth on 20/8/2011, 19:30

You can use the following for malware testing.
Run vmware/virtualbox w/ sandboxie installed on the VM. Then have the host system running a light virt like shadowdefender or returnil.

I know that some malware are sandbox and VM aware but too many are getting through that and getting through shadowdefender on the host system.

kjdemuth
Member
Member

Posts : 10
Join date : 2011-01-23

View user profile

Back to top Go down

Re: virtualbox running inside sandboxie

Post by jna90 on 20/8/2011, 21:58

Thanks kjdemuth,

What you have mentioned, you are absolutely right.

The reason that I'm a bit difficult or using bizarre combinations/environments and software or somewhat strange setups is to test the compatibility between different anti-virus-malware-(h)ips. to be able to run various solutions from different companies or brands and using them together simultaneously.
And preferably 'out of the box'. without any tricks or registry hacks or elaborate settings to be able to make them work right.

jna90
Member
Member

Posts : 36
Join date : 2011-07-20
Age : 43
Location : Amsterdam, The Netherlands

View user profile

Back to top Go down

Re: virtualbox running inside sandboxie

Post by kjdemuth on 21/8/2011, 21:21

I just use vmware and test whatever I'm testing. I have the host system running shadowdefender and CIS.

kjdemuth
Member
Member

Posts : 10
Join date : 2011-01-23

View user profile

Back to top Go down

Re: virtualbox running inside sandboxie

Post by jna90 on 21/8/2011, 22:21

sounds good to me. I like to complicate things alot Shocked , trying combinations.. lol.
Your setup is good and I like it.
I like to figure out if a "kaspersky firewall only" works with comodo defense+ or combinations like that. or comodo firewall with emsi online armor ++ with disabled firewall.. things like that.
I know, whats the point in doing that. Just to figure out if you can rely on multiple solutions rather than all in one from one company/developer.

But I do respect people who expect (and they have every right) that a one in all suite should do the job well.

I bought Shadowdefender a month back.
Wasn't aware that the developer is gone missing or otherwise not available.
I tried to enter the forum, but forum was down as well.
I hope that whatever happened turns out ok, i really haven't got a clue whats going on.

I really like Shadowdefender alot, but when a product doesn't get updates or patches or something similar, eventually it will not work against all attacks.
Granted, you must be pretty smart to bypass software like shadowdefender.

I hope that Shadowdefender will be continued with full support and regular updates someday.

Do you know anything about Shadowdefender and its future by any chance ?

jna90
Member
Member

Posts : 36
Join date : 2011-07-20
Age : 43
Location : Amsterdam, The Netherlands

View user profile

Back to top Go down

Re: virtualbox running inside sandboxie

Post by ssj100 on 22/8/2011, 04:36

jna90 wrote:Do you know anything about Shadowdefender and its future by any chance ?
I think this post by patrick sums it up:
http://ssj100.fullsubject.com/t422-shadow-defender-mods-abandon-shadow-defender-forum

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: virtualbox running inside sandboxie

Post by jna90 on 22/8/2011, 13:07

Ah I see and have read the thread. should have searched in the Shadowdefender section of this forum.
I should really think things over before posting or asking something.
The information was already there but I should have done better in finding it.

Anyway, thanks again for your patience with me. Embarassed Very Happy

jna90
Member
Member

Posts : 36
Join date : 2011-07-20
Age : 43
Location : Amsterdam, The Netherlands

View user profile

Back to top Go down

Re: virtualbox running inside sandboxie

Post by kjdemuth on 24/8/2011, 04:50

jna90 wrote:Ah I see and have read the thread. should have searched in the Shadowdefender section of this forum.
I should really think things over before posting or asking something.
The information was already there but I should have done better in finding it.

Anyway, thanks again for your patience with me. Embarassed Very Happy

I think that the development of shadowdefender is limited. I have noticed it is very secure and that nothing to note can bypass it. Of course given time someone may seek to exploit it. Still like I said layered security is the best way to keep you safe.

kjdemuth
Member
Member

Posts : 10
Join date : 2011-01-23

View user profile

Back to top Go down

Re: virtualbox running inside sandboxie

Post by Sponsored content


Sponsored content


Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum