Friday, 3 February 2012

Run programs you don't trust with Sandboxie

If your geek quotient is anywhere on the higher side, it’s safe to assume that you install (and uninstall) quite a few programs. You also must have configured your computer to run like a silky smooth machine. These two states are often in conflict with each other when you install software that wreaks havoc on the PC. Installing new and untested programs in an isolated virtual environment gives you the best of both worlds.
Sandboxie is a light, compact and free program that blocks error-prone programs and web-based malware from affecting your PC. The security software creates a virtual sandbox and allows you to install new software, your browser and other browser-based apps in a secure environment, shielded from the deeper layers of the OS. Sandboxie helps you test out new unproven applications and decide to keep ‘em or trash ‘em.

Install and Run Sandboxie

Sandboxie is a 2 MB download. It runs on all 32-bit versions of Windows. On first install, Sandboxie may display a software compatibility box which on confirmation enables it to make some configuration changes to its own settings and the sandbox it creates.
Sandboxie can be run from the context menu. Right-clicking on the software allows you to select the Run Sandboxed command. You can also open a program in the sandbox by using the Send to command from the context menu. You can also use the default Sandboxed Web Browser which is a sandboxed clone of your default browser to browse the web in protected mode.
Also, if you open Sandboxie Control, you can open any program from the following menu command.

The Safety of a Virtual Environment

Let’s test out Sandboxie by opening Firefox and downloading a program. All ‘sandboxed’ instances of a program are identified by a ‘#’ symbol on the title bar. The sandboxed program (in this case, the Firefox browser) is also highlighted by a yellow border. Any apps (e.g. Firefox add-ons) you install within this sandboxed instance of the browser will also be contained within the sandbox. In the case of Firefox, the browser restarted after the installation of an add-on also opens within the sandbox.

Sandboxie Control shows the status of the programs running in the current sandbox. You can create more than one sandbox.

Any file downloaded while browsing is also saved within the sandbox. Sandboxie gives you an option to recover the file and move it to the unboxed part of Windows in case you decide to keep it.

Closing Sandboxie Control terminates all programs and restores the order of Windows that existed before you sandboxed the program. You can also delete all contents from the Sandbox after you are done with it.

It is a good precaution to use Sandboxie with your download programs and your email client in case you are downloading something you are not too sure of. Sandboxie can also be used to run multiple instances of the same program. For instance, you can run your browser in the normal mode and also in the sandboxed mode.
Sandboxie comes with a full-fledged tutorial which walks you through the steps of setting it up and using it to keep your PC in the pink of health. Run it and give us your take on the utility of a sandboxing application.

FROM http://www.guidingtech.com/9424/run-programs-you-dont-trust-in-isolation-using-sandboxie/
-----------------------------------------------------------------------------
Sandboxie Lets You Safely Execute Programs


Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer. It offers secure web browsing: running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially.
It has enhanced privacy where browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don’t leak into Windows. It prevents wear-and-tear in Windows by installing software into an isolated sandbox.
What’s new in this version: Version 3.70 adds a new Set Layouts and Groups command, which groups sandboxes into a hierarchy for easier access in menus and lists.
Benefits of the Isolated Sandbox
  • Secure Web Browsing: Running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially.
  • Enhanced Privacy: Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don’t leak into Windows.
  • Secure E-mail: Viruses and other malicious software that might be hiding in your email can’t break out of the sandbox and can’t infect your real system.
  • Windows Stays Lean: Prevent wear-and-tear in Windows by installing software into an isolated sandbox.
-------------------------------

Sandboxie Plus & Classic

Sandboxie-Plus.com  

Note: This is a community fork that took place after the release of the Sandboxie source code and not the official continuation of the previous development (see the project history and #2926).


  • System requirements: Windows 7 or higher, 32-bit or 64-bit.
  • Release notes: CHANGELOG.md
  • Contribution guidelines: CONTRIBUTING.md
  • Security policy: SECURITY.md
  • Code of Conduct: CODE_OF_CONDUCT.md

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. It creates a sandbox-like isolated operating environment in which applications can be run or installed without permanently modifying local & mapped drives or the Windows registry. An isolated virtual environment allows controlled testing of untrusted programs and web surfing.

Sandboxie allows you to create virtually unlimited sandboxes and run them alone or simultaneously to isolate programs from the host and each other, while also allowing you to run as many programs simultaneously in a single box as you wish.

🚀 Features

Sandboxie is available in two editions, Plus and Classic. Both share the same core components, which means they have the same level of security and compatibility. What differs is the availability of features in the user interface.

Sandboxie Plus has a modern Qt-based UI, which supports all new features that have been added since the project went open source:

  • Snapshot Manager - takes a copy of any box in order to be restored when needed
  • Maintenance mode - lets you uninstall, install, start or stop the Sandboxie driver and service when needed
  • Portable mode - you can run the installer and choose to extract all files to a directory
  • Additional UI options to block access to Windows components like printer spooler and clipboard
  • More customization options for Start/Run and Internet access restrictions
  • Privacy mode sandboxes that protect user data from illegitimate access
  • Security enhanced sandboxes that restrict the availability of syscalls and endpoints
  • Global hotkeys to suspend or terminate all boxed processes
  • A network firewall per sandbox which supports Windows Filtering Platform (WFP)
  • The list of sandboxes can be searched with the shortcut key Ctrl+F
  • A search function for Global Settings and Sandbox Options
  • Ability to import/export sandboxes to and from 7z files
  • Integration of sandboxes into the Windows Start menu
  • A browser compatibility wizard to create templates for unsupported browsers
  • Vintage View mode to reproduce the graphical appearance of Sandboxie Control
  • A troubleshooting wizard to assist users with their problems
  • An Add-on manager to extend or add functionality via additional components
  • Protections of sandboxes against the host, including the prevention of taking screenshots
  • A trigger system to perform actions when a sandbox goes through different stages, like initialization, box start, termination or file recovery
  • An option to leave a process unsandboxed while sandboxing its child processes
  • Per-sandbox control that forces programs to use a SOCKS5 proxy automatically
  • DNS resolution control at per-sandbox granularity
  • Limits on the number of processes in a sandbox and on the total amount of memory they can occupy; the total number of sandboxed processes can also be limited per box
  • A completely different token creation mechanism from Sandboxie's pre-open-source version makes sandboxes more independent in the system
  • Encrypted Sandbox - an AES-based reliable data storage solution.

More features can be found by searching for the = sign with Ctrl+F in the CHANGELOG.md file.

Sandboxie Classic has the old MFC-based UI, which is no longer developed, so it lacks native interface support for Plus features. Although some of the missing features can be configured manually in the Sandboxie.ini configuration file or even replaced with custom scripts, the Classic edition is not recommended for users who want to explore the latest security options.

📚 Documentation

A GitHub copy of the Sandboxie documentation is currently maintained, although more volunteers are needed to keep it updated with the new changes. We also recommend checking the following labels in this repository:

future development | feature requests | documentation | build issues | incompatibilities | known issues | regressions | workaround | help wanted | more...

A partial archive of the old Sandboxie forum that was previously maintained by Invincea is still available. If you need to find something specific, it is possible to use the following search query: site:https://sandboxie-website-archive.github.io/www.sandboxie.com/old-forums/

🚀 Useful tools for Sandboxie

Sandboxie's functionality can be enhanced with specialized tools like the following:

  • LogApiDll - adds a verbose output to Sandboxie's trace log, listing invocations of relevant Windows API functions
  • SbieHide - attempts to hide the presence of SbieDll.dll from the application being sandboxed
  • SandboxToys2 - lets you monitor file and registry changes in a sandbox
  • Sbiextra - adds additional user mode restrictions to sandboxed processes

from https://github.com/sandboxie-plus/Sandboxie

 --------------------------------------------------------------------------
 
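The sandbox tool Sandboxie is now open source and free, with support for running multiple game instances, multiple software instances, and virus isolation.

What worries you most when you download little-known or cracked software from the internet? Above all, it is whether the software is safe. Bundled ad pop-ups, privacy violations and embedded trojans or viruses are all possible.
Multiple game instances, multiple software instances, virus isolation: this great tool is finally free!

Faced with such unknown programs, antivirus software of every kind serves as the computer's first line of protection, but it cannot rule out the risk completely. You might also use a virtual machine to create a separate operating system for high-risk software, but a virtual machine consumes system resources and is not that convenient to use. The ideal solution is sandbox software, and as it happens a classic, long-established sandbox program, Sandboxie, has recently become free.

Sandboxie is a classic, long-established sandbox tool that isolates potential risks from your computer. It creates a virtual environment for running software on your computer, and this virtual "sandbox environment" is completely isolated from the real system. Software running in the sandbox is firmly confined to it and so cannot affect anything outside.
[Figure: diagram of how Sandboxie works]

All written data is confined to a fixed area of the sandbox, and when you close the sandbox software, the data inside is reset and destroyed. So even a virus program will not damage your computer system.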

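How to use it

Besides isolated testing of unknown software, the Sandboxie sandbox tool can also be used to run multiple instances of a program or game.

1. After installing the software, click the Sandbox button in the menu bar to create a new sandbox.

2. You can choose to run any program, web browser, system program and so on in the sandbox. You can also drag a software installer or shortcut straight into the sandbox to run it.

3. Each sandbox can open only one instance of the same program; to run multiple instances you need to create multiple sandboxes.

Sandboxie used to be paid software, but the Sandboxie developers recently announced that it is now completely free to use, and it may be open-sourced in the future. The latest version from the official download no longer needs activation; it works once installed, with all features unlocked by default.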
---------------------------------

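Sandboxie: free, open-source, individually maintained official release

Sandboxie, a sandbox tool that lets beginners and experts alike run without antivirus, is a well-known system security tool from abroad. It lets selected programs run in a safe, isolated environment; anything left by software run in this environment, such as browser or registry data, can be wiped completely without leaving a trace. It can also defend against malicious websites carrying trojans or viruses. If you often test software, or have software you do not trust, you can run it in the sandbox with confidence!
Official website

https://www.sandboxie.com/
How to use it:

Sandboxie itself provides Simplified Chinese language support, so it is very easy to get started. After Sandboxie is installed, a tutorial wizard also walks you through using it step by step.

You can start any program from the menu in the Sandboxie interface, or, in Windows Explorer, right-click any .exe executable or software installer and choose "Run Sandboxed" from the menu to have Sandboxie launch it.

After launch, Sandboxie adds # signs before and after the title of an application running in the sandbox, like [#] program name [#]. When the mouse moves to the edge of a sandboxed application's window, it also draws a yellow frame around the window, which makes it very easy to recognize. Basically, as long as you see the yellow frame you can do all sorts of wild things with the software without worrying that it will affect the system.

Sandboxie also has some common functions preset, such as launching a web browser inside the Sandboxie sandbox (for more thorough privacy protection that leaves no traces). It can also run Windows Explorer in the sandbox and, like a shadow system, delete, move and copy files on the disk, with everything restored to its original state once the sandbox is closed.
Uses of Sandboxie:

Sandboxie is really practical, with many ways to use it and a wide range of uses. For example, people who are obsessive about a clean system can use it to keep the system free of the junk that programs leave behind; those who like to play around with software can use it to test all kinds of programs, avoiding infection and protecting privacy.

You can also use Sandboxie's sandbox restore-and-reset feature to get "unlimited free software trials"; it can even let programs with more restrictions do things like run two instances of WeChat or multiple instances of a game, and of course you can come up with more creative new uses. Now that such a great tool is completely free, it can definitely become a must-install tool for every enthusiast.

What's new in the latest version
cdn.jsdelivr.net/gh/sandboxie-plus/Sandboxie@master/CHANGELOG.md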
--------------------------------------------------- 

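Make good use of sandboxes and virtual machines: test risky programs and shrug off any virus

Computer viruses are good at disguise. They often lurk inside well-known tools distributed through download sites, and are especially often hidden in cracking tools. Even when the antivirus warns them, most people usually let the program run anyway and add it to the antivirus whitelist themselves. The reason is that typical domestic antivirus tools would rather flag wrongly than miss anything, which leads to a high false-positive rate; users have grown used to ignoring the warnings, and that gives many viruses their opening.

Viruses pass themselves off as legitimate in so many ways that even experienced experts can be caught by a moment's carelessness. In this situation, besides choosing a classic antivirus program, we should also sharpen our own eye in daily use and judge for ourselves whether something is a virus.

The most effective method is to install virtual-machine-like tools on the system. Below are some current solutions and tools.

Enable the sandbox feature built into Windows

A sandbox is simply an isolated environment provided for running programs. A program running in the sandbox is isolated from the host operating system, so it cannot threaten the current system; it is mainly used to test programs that carry a security risk. There are quite a few such tools on the market, and in Windows 10 1903 (Pro and Enterprise editions only) Microsoft made a built-in sandbox available that makes it easy to test programs we are unsure about. To enable the sandbox, first confirm that the computer's hardware supports it:

    AMD64 architecture;
    virtualization enabled in the BIOS;
    at least 4 GB of memory (8 GB recommended);
    at least 1 GB of free disk space (SSD recommended);
    a CPU with at least two cores (4 hyper-threaded cores recommended).

Enabling it is also quite simple: go to Control Panel -> Programs and Features -> Turn Windows features on or off, and tick Windows Sandbox.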
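
The requirement checks and the enable step above, written as a script (an added example, not part of the original article). It assumes an elevated PowerShell session; `Containers-DisposableClientVM` is the Windows optional-feature name for Windows Sandbox and build 18362 corresponds to Windows 10 1903, neither of which appears in the article.

```powershell
#Requires -RunAsAdministrator
# Added example: check the Windows Sandbox prerequisites listed above, then enable it.

$os   = Get-CimInstance Win32_OperatingSystem
$cs   = Get-CimInstance Win32_ComputerSystem
$cpus = @(Get-CimInstance Win32_Processor)
$disk = Get-CimInstance Win32_LogicalDisk -Filter "DeviceID='$($env:SystemDrive)'"

# Installed RAM and physical cores, summed over all modules and sockets.
$ramBytes = (Get-CimInstance Win32_PhysicalMemory | Measure-Object -Property Capacity -Sum).Sum
$cores    = ($cpus | Measure-Object -Property NumberOfCores -Sum).Sum

# VirtualizationFirmwareEnabled reads False once a hypervisor is already running,
# so a present hypervisor also counts as "virtualization is switched on".
$virtOn = $cpus[0].VirtualizationFirmwareEnabled -or $cs.HypervisorPresent

$checks = [ordered]@{
    'Windows 10 1903 (build 18362) or later' = [int]$os.BuildNumber -ge 18362
    'Pro or Enterprise edition (by caption)' = $os.Caption -match 'Pro|Enterprise'
    'AMD64 architecture'                     = $cpus[0].Architecture -eq 9   # 9 = x64
    'Virtualization enabled in BIOS/UEFI'    = [bool]$virtOn
    'At least 4 GB of memory'                = $ramBytes -ge 4GB
    'At least 1 GB free on the system drive' = $disk.FreeSpace -ge 1GB
    'At least two CPU cores'                 = $cores -ge 2
}

# Print one line per requirement so the failing one is obvious.
$checks.GetEnumerator() | ForEach-Object {
    '{0,-42} {1}' -f $_.Key, $(if ($_.Value) { 'OK' } else { 'FAIL' })
}

$failed = $checks.GetEnumerator() | Where-Object { -not $_.Value }
if ($failed) {
    Write-Warning 'Prerequisites not met; Windows Sandbox was not enabled.'
    return
}

$name    = 'Containers-DisposableClientVM'
$feature = Get-WindowsOptionalFeature -Online -FeatureName $name
if ($feature.State -ne 'Enabled') {
    Enable-WindowsOptionalFeature -Online -FeatureName $name -All -NoRestart
    Write-Host 'Windows Sandbox enabled. Restart the computer to finish.'
} else {
    Write-Host 'Windows Sandbox is already enabled.'
}
```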

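After restarting the computer you can find and launch the sandbox from the Start menu. Functionally, Windows Sandbox is a lightweight desktop environment. Compared with typical sandbox tools it is effectively an independent virtual machine, with essentially the same functions as the existing system. It can be used to install and test all kinds of applications; even a destructive virus program run in the sandbox will not infect the current system, and after the sandbox is closed, the next launch is a brand-new system.

In practice the sandbox works seamlessly with the Windows system: files can be transferred in either direction with ordinary copy and paste, and the window can be enlarged or shrunk, so it is very convenient to operate.

Day to day, if you run into an unknown program you cannot judge directly, you can test it in the sandbox; whether it is a virus is basically obvious at a glance.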

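Sandbox, the classic long-established sandbox software

Whenever sandbox software comes up, anyone who knows the term will surely be familiar with Sandbox. As a classic sandbox tool, it has long been many people's first choice for testing software, thanks to its powerful features and solid reputation.

Sandbox was originally paid software, but it was announced as free last year, presumably in connection with Microsoft's release of its built-in sandbox. Either way, Sandbox is definitely a superbly useful tool.

Compared with the Windows sandbox, Sandbox is small and simpler to use after installation: right-click the program you want to run and choose to run it in the sandbox, and the program is automatically loaded into the sandbox.

A program in the sandbox has no effect on the system and does not modify the data on your hard disk; when the sandbox is closed, everything is restored to its original state. This is undoubtedly very convenient for testing unknown programs. Of course, Sandbox also has limitations; the most common problem is probably compatibility, as some professional software cannot run in it successfully.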

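The most powerful virtual machine, VMware Workstation

Over the years I have installed countless programs and crack patches, and experience tells me that the vast majority of tools, including the various crack patches, are safe and trustworthy even when domestic antivirus software frequently flags them. Of course, it cannot be ruled out that some popular tools have had malicious programs or scripts added. To avoid getting caught as far as possible, I do essentially all software installation and testing in a virtual machine. Whether it is Windows Sandbox or Sandbox, all sorts of compatibility problems turn up in practice, and the best solution is to install a real, complete operating system.

VMware Workstation is a powerful virtual machine that can install today's mainstream operating systems. It supports the latest Windows 10, and supports DirectX 10 and OpenGL 3.3, providing a smoother and more responsive experience when running 3D applications.

A VMware virtual machine can create a truly complete operating system that is entirely independent of the host system. Its compatibility is excellent, so there is basically no need to worry that a program will not run in it, and it is powerful: the hardware can be custom-configured, including CPU, memory and 3D acceleration, and it even supports building virtual networks. In both ease of use and professionalism, VMware Workstation is the undisputed industry leader.

I installed Windows 10 Pro in VMware, with the system settings kept consistent with my current operating system; the common software and basic settings are almost an exact replica. After creating it, I took a snapshot of the initial clean system. From then on, however complex or professional the program under test and however many tools are installed, I can restore the initial state with one click when they are no longer needed, keeping the virtual machine system clean.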

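Final summary

This article is really a piece of practical general knowledge, and the tools it introduces are probably familiar to everyone. Today's viruses spread in many ways and are highly stealthy and destructive. In daily use, beyond the passive defense of antivirus software, the most important thing is to use your own initiative and actively judge for yourself. When faced with programs you cannot identify or have doubts about, do not extract or run them; put them into a virtual machine environment and actually test them there, and only afterwards decide whether to install and use them on the main system.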
---------------------------------------------------
 
Related post: https://briteming.blogspot.com/2013/10/sandboxie.html