Norman Sandbox - virtual computer inside a computer - how'd i do that?
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Norman Sandbox - virtual computer inside a computer - how'd i do that?

  1. #1
    Junior Member
    Join Date
    Jul 2003
    Posts
    4

    Norman Sandbox - virtual computer inside a computer - how'd i do that?

    Do u know Norman Sandbox?
    It's a container to let an unknown virus run wild without wreaking the system.
    It's actually a virtual computer.
    I'd like to do a virtual computer also, quite fascinate by how it works but actually donno really
    how it works
    I think the first step is to intercept all system API calls.
    I'm using VB. Any suggestions pls?
    I'd be more than happy if anyone could tell me.
    ASM,C,C++,BASIC,VB,JAVA,VBS,HTML,ASP,SQL
    Programming is fun, but only if you\'re not on a tight deadline

    So I consider all those working engineers sad people

  2. #2
    Junior Member
    Join Date
    Jun 2003
    Posts
    18
    your gonna use vb? why not a more advanced language like C++ you will get much farther in your goal
    --
    Adam

  3. #3
    Senior Member
    Join Date
    Nov 2002
    Posts
    186
    Hey Jian2587,
    If you are interested in virtual computers (i.e. Virtual machines) check out VMWare.
    http://www.vmware.com/landing/ws4_search.html
    There is a 30 day trial download, so you can play wih different OSes. For example, you can have Windows and some flavour of Linux running at the same time on the same machine, but on different virtual machines. Good luck!
    \"When you say best friends, it means friends forever\" Brand New
    \"Best friends means I pulled the trigger
    Best friends means you get what you deserve\" Taking Back Sunday
    Visit alastairgrant.ca

  4. #4
    Junior Member
    Join Date
    Jul 2003
    Posts
    4
    Ah, not really virtual computers.
    I meant sandbox.
    A sandbox basically gives a program a fake environment of the OS it's running.
    Not really fake, but all the API calls made by sandbox are intercepted by the sandbox in which
    it could modify its return results and give it back to the program.

    So let's say you let a virus run wild in a sandbox, it tries to destroy your system files, but the
    API call to delete file is intercepted by the sandbox. The sandbox did not delete the files, but
    it returns results that convinced the virus that the system files are already deleted. Basically,
    we make the virus believe it's destroying something whereby in fact it didn't.

    So what we need to do is to intercept system calls from certain programs.

    Anyone have suggestions?

    sorry, API calls made by a program, and not a sandbox.
    I made a mistake.
    ASM,C,C++,BASIC,VB,JAVA,VBS,HTML,ASP,SQL
    Programming is fun, but only if you\'re not on a tight deadline

    So I consider all those working engineers sad people

  5. #5
    Senior Member
    Join Date
    Nov 2002
    Posts
    186
    Maybe a utility like FileMon or DiskMon from sysinternals can help you out. Check them out at:
    http://www.sysinternals.com/ntw2k/utilities.shtml

    They allow you to monitor activity to your file system and hard disk respectively. There are also a pile of other utilities that may be of some help as well.

    Good luck!
    \"When you say best friends, it means friends forever\" Brand New
    \"Best friends means I pulled the trigger
    Best friends means you get what you deserve\" Taking Back Sunday
    Visit alastairgrant.ca

  6. #6
    Senior Member
    Join Date
    Aug 2001
    Posts
    267
    Sandbox....(Virtual computer / protected from the original O/S) Yeah; I ran into that somewhere and thought it was a great idea. Lets you run/test apps without 'damaging' the computers REAL o/s.

    If I see it again.....I will post

    Here's a link for those who haven't seen or heard of 'sandbox'

    http://www.webopedia.com/TERM/S/sandbox.html

  7. #7
    Junior Member
    Join Date
    Jul 2003
    Posts
    4
    Yea Algaen, I know that one. But what we need here is how it works, and possibly the source
    codes.
    ASM,C,C++,BASIC,VB,JAVA,VBS,HTML,ASP,SQL
    Programming is fun, but only if you\'re not on a tight deadline

    So I consider all those working engineers sad people

  8. #8
    Junior Member
    Join Date
    Jun 2003
    Posts
    2

    vmware

    I Know that i'm very off topic but i installed vmware in xp & i put Debian ,could anyone of you
    helpme how ,with host-only configured,share files between XP and DEbian with netcat
    Sorry about my offtopic

  9. #9
    Banned
    Join Date
    May 2003
    Posts
    1,004
    I prefer to utilize various types of access controls to mimic sandboxes, sandboxes have the issue that a single userland can contain many sandboxes and data can move between them, plus they fail to protect the data within the sandbox so their usefulness is limited because it means the user needs to have their programs run in an environment that contains no valuable data, which kinda makes most applications useless.

    On my system, client applications like my web browser and email client run as a restricted user so that I may speficially set what it can and cannot do, for this purpose the harrison, Ruzzo, and Ullman (HRU) access model is ideal. For services, a simple solution is domain based access controls (DBAC) as these effectively place your services in read only, non-hierarchical compartments isolated from the rest of the system. Both of these systems work even better when placed within hierarchical mandatory access controls. The end result is a system that effectively is sandboxed, however still useful as data can be safely used within the sandboxed environments. Additionally this method provides more finely grained controls, because most sandboxes merely prevent anything from stepping outside as if you are going to create a rule set and a collection of trusted agents to handle intercompartmental communications, you might as well take that extra step and simply use the access controls I've discussed, because to do so without these types of protections would be a monumental task to ensure a wide range of compatability.

    Hope this helps.

    catch

  10. #10
    Junior Member
    Join Date
    Jul 2003
    Posts
    4
    catch, u r very knowledgable but I understand none of those
    maybe u can explain more in detail but simple?
    ASM,C,C++,BASIC,VB,JAVA,VBS,HTML,ASP,SQL
    Programming is fun, but only if you\'re not on a tight deadline

    So I consider all those working engineers sad people

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •