Sandboxie. Use Ring0 or Ring3 hooks?

Discussion in 'other anti-malware software' started by Chuck57, Jan 4, 2007.

Thread Status:
Not open for further replies.
  1. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    I'm currently using BZ free but am thinking about trying Sandboxie, since I understand the free version is very similar in operation.

    I read somewhere that the newer versions of BZ use the more secure Ring0 hooks. Anybody know if Sandboxie is using them or the supposedly less secure Ring3?

    I'll also add that talking about Ring3 or Ring0 might as well be speaking in Martian as far as I'm concerned. I just know one is better than the other.
     
  2. budfox

    budfox Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    103
    what is BZ.
     
  3. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    BZ is BufferZone. I'm using the free version.
     
  4. pilotart

    pilotart Registered Member

    Joined:
    Feb 14, 2006
    Posts:
    377
  5. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Sandboxie is fine. It does hook the System Service Descriptor Table over 30 times.
    Malware that is executing on the system is running inside of Sandboxie's hooks.
    Sandboxie Hierarchy
     
Loading...
Thread Status:
Not open for further replies.