- Paperback: 496 pages
- Publisher: Microsoft Press; 1 edition (June 25, 2011)
- Language: English
- ISBN-10: 073565672X
- ISBN-13: 978-0735656727
- Product Dimensions: 7.3 x 1.2 x 8.9 inches
- Shipping Weight: 1.6 pounds (View shipping rates and policies)
- Average Customer Review: 63 customer reviews
Amazon Best Sellers Rank:
#349,672 in Books (See Top 100 in Books)
- #65 in Books > Computers & Technology > Networking & Cloud Computing > Network Administration > Windows Administration
- #92 in Books > Computers & Technology > Business Technology > Windows Server
- #105 in Books > Computers & Technology > Networking & Cloud Computing > Data in the Enterprise > Client-Server Systems
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Windows Sysinternals Administrator's Reference 1st Edition
Use the Amazon App to scan ISBNs and compare prices.
Fulfillment by Amazon (FBA) is a service we offer sellers that lets them store their products in Amazon's fulfillment centers, and we directly pack, ship, and provide customer service for these products. Something we hope you'll especially enjoy: FBA items qualify for FREE Shipping and Amazon Prime.
If you're a seller, Fulfillment by Amazon can help you increase your sales. We invite you to learn more about Fulfillment by Amazon .
There is a newer edition of this item:
The Amazon Book Review
Author interviews, book reviews, editors picks, and more. Read it now
Frequently bought together
Customers who bought this item also bought
Customers who viewed this item also viewed
About the Author
Mark Russinovich is a Technical Fellow in the Windows Azure group at Microsoft. He is coauthor of Windows SysInternals Administrator’s Reference, co-creator of the Sysinternals tools available from Microsoft TechNet, and coauthor of the Windows Internals book series. Aaron Margosis is a Principal Consultant with Microsoft Public Sector Services. He specializes in application development on Windows platforms, with a focus on security, least privilege, and compatibility in locked-down environments.
Top customer reviews
There was a problem filtering reviews right now. Please try again later.
Now, for the rare techie who's not already a big fan of the Sysinternals tools, I'll give a bit of background. The collection includes around 70 freeware utilities grouped into six loose categories (Process Utilities, Security Utilities, File and Disk Utilities, Networking Utilities, System Info, and Miscellaneous) the majority of which run on any version of Windows (XP and later). I've been using several of the tools on an almost daily basis for a decade. I use Sysinternals utilities to deeply understand the guts of every product I've ever worked on, and to resolve problems with many pieces of software I otherwise know little about..
One of the perks of working in the Windows division at Microsoft is access to the source code of every version of Windows we've shipped in the last decade, but when I want to understand how our software works, I turn to Fiddler and the Sysinternals tools. Why? Because these utilities tell you the truth and show what's really going on. Source code is super-useful, of course, but it's often much more challenging to dig through--there are tens of millions of lines of code to sift through, and they interact in ways that were never formally documented, and sometimes, we find, ways that were never intended. The advantage of using monitoring utilities is that you get to see what's happening, and that usually brings you 90% of the way to a solution. The ability to "peek inside" software as it runs is astonishingly empowering-- in the same way that xrays and MRIs have had a huge impact on the practice of medicine.
Just booting Fiddler or Process Monitor and watching the events fly by will provide a non-trivial level of insight into how software on your computer works. But there's a difference between toying with these utilities and fully exploiting their power, and this is where Mark and Aaron's new book comes in. The book covers each of the tools and provides a full explanation of each; the two most useful tools (Process Explorer and Process Monitor) each get a chapter all their own, but even the most trivial of the utilities in the collection gets a page of coverage.
As a developer myself, my favorite parts of the book are where the authors reveal some of the tools' "secrets", explaining how they accomplish some interesting task. My other favorite parts of the book are the "Case of the..." sections that comprise the last three chapters--each section explains how the authors (or their colleagues) have used one or more of the Sysinternals tools to solve a real-world problem. These sections are well-written, super-interesting, and provide a fantastic primer for turning what you've learned in the earlier chapters into real-world results.
The book includes tons of facts about Windows itself that I'd forgotten or never picked up on to begin with. Over the years, Windows has added a number of features previously only available in the Sysinternals tools--the authors mention when this is the case, and compare and contrast the new Windows features to those in the Sysinternals utilities.
No book is perfect, of course. The book's structure enables the reader to jump directly to information about each specific tool, so anyone who reads the book cover-to-cover as I did will find some repetition of information between the sections and chapters. The authors' expectations of their readers' technical-savvy also seems uneven at some points--I was amused that a book that discusses kernel debugging and memory-manager design would take the time to footnote the meaning of the word "string" as it is used in software. But, on the whole, the book is very well-written.
If you develop or debug software on the Windows platform, this book will provide a great return on investment (purchase price and reading time).
First, it is not an exhaustive introduction to Windows. The 2nd chapter called Windows Core Concepts is only about 20 pages long, so it doesn't cover anything in depth. The authors acknowledge that there are more comprehensive books on these concepts available, like Windows Internals (also by Mark Russinovich), so it wasn't their intention that this book cover the topics in depth. Instead they give nice, concise summaries of core concepts like Kernel vs. User Mode, Processes and Threads, and the Call Stack. The authors provide a perfect explanation of the above topics for understanding how the utilities interact with Windows.
The second way in which this book differs from others (for learning about Windows) is that it is intimately connected with the fantastic set of utilities. Where some books rely on diagrams and maybe some screen-shots of some built-in MS utilities to show how Windows works, this one contains screen images for each GUI utility as well as the console output for command line utilities. In this way, one learns to use a utility that shows the workings of the operating system in real time.
A great comprehensive book like Windows Internals, and a great practical utility guide like this book are perfect companions for one learning about the inner workings of MS Windows.
Example - ProcDump is an application mentioned in the book that uses command prompt to give it commands. When you launch command prompt it defaults to a specific folder, you profile folder. Well if you do not have this application in that folder, then it won't work. They don't tell you this. It is assumed you know this. That's what IT is all about though, solving problems.
I think this is a good book and a must have for any serious helpdesk tech.