The best security is a layered defense. Companies surround themselves with rings of firewalls, intrusion detectors and content filters, and yet malicious code occasionally penetrates and assaults their innermost hard drives.

Tiny Trojan Trap tackles this last possible breach with sandbox technology that places users' software applications into private sandboxes where they can play but can't do anything destructive.

---

How we did it
Graphic: Net results

---

In our tests, Tiny Trojan Trap protected files residing on Windows-based desktops, but you have to specify its boundaries - what it should protect and what it must leave alone.

Tiny Trojan Trap is a stand-alone application that can be installed remotely via, for instance, Microsoft's Systems Management Server or Novell's ZENWorks, to multiple remote desktops. A network professional would probably tweak the settings on each desktop to get it set up properly.

It was easy to install, placing almost all our existing applications in an unrestricted group, making the assumption that they had no dangerous aspects. (See How we did it).

The software then blocked our attempts to download a harmless PDF file containing the manual because the install program had placed Internet Explorer into an application group with restricted rights. We could read and print the file with Acrobat Reader because Acrobat was placed in the unrestricted application group.

We would have preferred an installation option that let us start with low, medium or high security options for our applications.

The Administration Tool used after installation has an easy mode setting that lets you adjust simple slide bars to the level of security desired for each application group. There is also a helpful list of all the application groups, and moving applications between groups is simply drag and drop.

The advanced mode has a two-pane window resembling Windows Explorer to match application groups to individual system components. Each application group gets access privileges specified for each system component. For example, you can specify that all the applications in a particular group can have limited access to individual services, hardware devices and even specific subdirectories of files.

---

How we did it

We tested Tiny Trojan Trap Version 3.0.4 primarily on a Dell OptiPlex Gx110, 667 MHz running Windows 2000 Professional and also on a Compaq Presario 5000 1.2 GHz, running Windows XP Home Edition. We ran a batch file to delete several system files. We used a disk editor to manipulate the boot records on our hard drive. We sent an e-mail message using Microsoft's Outlook Express to test the e-mail filtering.

---

Advanced mode also lets you add content filtering for Web access and outgoing e-mail. Trojan Trap does not provide a blacklist of Web sites or a list of suggested words to block outgoing e-mail.

There are some handy tools for handling cache and cookies. We set an option to delete all cookies after each session and edited the list of Web sites we visited, an automatic way to clean up your browser's cache.

When we tested the product on a multiuser computer, we were disappointed that each user cannot have his own Trojan Trap settings. We appreciated the password feature that prevents tampering with the settings.

Trojan Trap lets you adjust security downward to allow better computer performance. But on our 1.2-GHz Windows XP computer there was no noticeable performance hit at all at its highest setting.

Trojan Trap comes with the ability to launch antivirus scans and to automatically scan CAB files before they are installed. However, it couldn't identify Norton AntiVirus 2002.

Reporting in Trojan Trap is limited. We would have liked to have at least printed out some of the information in the Activity windows and sorted columns of data by clicking on their headers.

Overall, we would recommend Tiny Trojan Trap as an added layer of security to expert users and to average users who have the patience to adjust its settings.

Full article and source:

Network World Fusion