Sandbox executables who's ports are exposed to the internet.

If it doesn't fit elsewhere, it goes here
Post Reply
warwagon
Posts: 34
Joined: Sun Jun 03, 2007 4:32 pm

Sandbox executables who's ports are exposed to the internet.

Post by warwagon » Wed Feb 15, 2012 11:45 am

For the year or so I've been running a VNC server on my local LAN. Recently I forwarded a port of my choice (not the regular vnc port) through my router so I can connect via my ipod touch wherever I'm at and look at my security camera. Opening ports always freaks me out a little, because of potential vulnerabilities on the app which is now listening on the internet.

So I thought what if I install sandboxie on the system and sandbox the winvnc server running on the system. Well I did that and I can still connect just fine and everything is working great. My question is, if someone were to hack in via what ever executable you had on the internet, and if that program was sandboxed,I would assume the hacker would then be sandboxed inside the machine. I've also configured the sandbox to turn off the mouse and keyboard. So when you connect to vnc from the outside the keyboard and mouse do not work.

How about running a free webserver on the system and having it also sandboxed? If the sandbox is set to "Read only", even if they were to exploit the webserver they would only have read only access inside the sandbox. With sandboxie you can also block access to certain folders. So if the server was compromised it would still be sandboxed and if configured they wouldn't be able to access the directories in the block list, like c:\Windows. Although some programs do need access to that directory just to run, plus read only access is good enough just as long as they can't write to that directory. One place you wouldn't want them to read is like a places like the document directory.

Post Reply

Who is online

Users browsing this forum: No registered users and 5 guests