Winternals Defragmentation, Recovery, and Administration Field Guide Review
I started looking at Winternals shortly after Microsoft acquired the Winternals company. I almost didn't read the book, because I do not use the commercial Winternals tools. When I saw the book covered tools available from Sysinternals, I decided to concentrate on information relevant to me. I'm glad I did -- Winternals is a remarkably helpful book.
The most surprising aspect of Winternals is the focus on malware detection and removal. I expected the book to basically explain the tools and their options. I did not imagine the authors would provide multiple examples of fighting malware with Sysinternals utilities. Some of the discussion of kernel-mode rootkit removal is a little naive and outdated, given recent advances in the field. However, I really liked seeing more-or-less real-world examples of proper tool usage.
My concerns with Winternals are the same ones I usually express when I read a book by multiple authors: internal redundancy. Ten authors and one technical editor wrote Winternals. As a result, the Windows registry is "introduced" several times in the book. The same goes for popular tools like FileMon, RegMon, and PsList. Removing these redundancies is the job of the lead author or editor. Since Winternals seems to feature neither party, the book is internally redundant.
In some cases I felt introductory material wasn't necessary. For example, I didn't need to read about DNS and Whois in Ch 8. I imagine most people reading Winternals already know how those protocols work.
Minor problems include appearances of odd text formatting and some screenshots being too small to really decipher. I didn't see many obvious typos, although the mention of "Syng set" on p 334 should say "SYN sent."
Despite these issues, I liked reading Winternals. Windows-centric security analysts, incident responders, and desktop engineers who are beginning to use Sysinternals and Winternals tools will find this book invaluable.
Winternals Defragmentation, Recovery, and Administration Field Guide Overview
The only book available for the market leading Winternals tools used in over 70,000 Microsoft networks worldwide.
The book begins with a chapter describing the most common challenges faced by system administrators related to system recovery, data backup and system performance enhancements. The next chapters introduce the readers to the complete suite of Winternals solutions including Recovery Manager, Defrag Manager, and the Administrator's Pak which repairs unbootable or locked-out systems, restores lost data, and removes malware from infected machines. Chapters on the Administrator's Pak detail all the components of this powerful suite of tools including: ERD Commander 2005, Remote Recover, NTFSDOS Professional, Crash Analyzer Wizard, FileRestore, Filemon Enterprise Edition, Regmon Enterprise Edition, AD Explorer, Insight for Active Directory, and TCP Tools. Each of these chapters details the complete functionality of all tools, and also provides detailed examples for using all tools in relatively simple to extremely complex scenarios. The chapters and companion Web site also include dozens of working scripts to automate many data recovery, backup, and performance enhancement tasks.
· Winternals tools are the market-leading data recovery and system optimization tools for Microsoft Networks. These tools are deployed in more than 70,000 companies worldwide.
· Despite the popularity of the Winternals tools, there are no competing books
· The companion Web site to the book will provide dozens of working scripts to optimize and enhance the performance of the Winternals tools
Customer Reviews
VERY VERY HIGHLY RECOMMENDED!! - John R. Vacca - Pomeroy, Ohio
Are you a systems administrator? If you are, then this book is for you. Authors Dave Kleiman, Laura Hunter, Mahesh Satyanarayana, Kimon Andreou, Nancy G Altholz, Lawrence Abrams, Darren Windham, Tony Bradley and Brian Barber have done an outstanding job of writing a book about the Winternals and Sysinternals tools in real-world situations that administrators can and will face on a daily basis.
Kleiman, Hunter, Satyanarayana, Andreou, Altholz, Abrams, Windham, Bradley and Barber begin by showing you how to use Process Explorer and Autoruns to spot and eliminate malware autostarts, services, drivers, and processes. Then, the authors describe in detail the tools developed by Sysinternals to illustrate this sort of advanced information and explain how to use them. Next, they show you how to use Sysinternals tools to monitor active sessions on a computer and how to discover which processes are accessing which resources. They also show you a better way to manage disk and file fragmentation on your volumes. The authors then continue by examining the data recovery tools made available to you by the Winternals team. Then, they show you how to make sense of the infamous Blue Screen of Death. Next, the authors show you how to monitor active socket connections. They also examine a few tools provided by the Winternals group that any software developer would find useful. The authors continue by discussing the available source code. Then, they cover topics ranging from advanced system optimization, to options available in a multiboot system with various versions of Windows, to data recovery for NT. Finally, the authors show you how to use a screensaver with a perverted twist to it.
This most excellent book will show you how to bring dead systems back to life through the use of Winternals. Perhaps more importantly, Winternals software is capable of doing much more than that!
*** Product Information and Prices Stored: Aug 31, 2010 20:48:04