Friday, July 6, 2012

#Ebook Deal/Day: Windows Internals, Part 1 - $15.99 (Save 50%) Use code MSDEAL

Publisher: Microsoft Press

Released: March 2012

Pages: 752

Delve inside Windows architecture and internals, and see how core components work behind the scenes. Led by three renowned internals experts, this classic guide is fully updated for Windows 7 and Windows Server 2008 R2, and now presents its coverage in two volumes.

As always, you get critical insider perspectives on how Windows operates. And through hands-on experiments, you'll experience its internal behavior firsthand, gaining knowledge you can apply to improve application design, debugging, system performance, and support.

In Part 1, you will:

  • Understand how core system and management mechanisms work, including the object manager, synchronization, Wow64, Hyper-V, and the registry
  • Examine the data structures and activities behind processes, threads, and jobs
  • Go inside the Windows security model to see how it manages access, auditing, and authorization
  • Explore the Windows networking stack from top to bottom, including APIs, BranchCache, protocol and NDIS drivers, and layered services
  • Dig into internals hands-on using the kernel debugger, performance monitor, and other tools

NOTE: Part 2 Available Fall 2012

  1. Chapter 1 Concepts and Tools

    1. Windows Operating System Versions

    2. Foundation Concepts and Terms

    3. Digging into Windows Internals

    4. Conclusion

  2. Chapter 2 System Architecture

    1. Requirements and Design Goals

    2. Operating System Model

    3. Architecture Overview

    4. Key System Components

    5. Conclusion

  3. Chapter 3 System Mechanisms

    1. Trap Dispatching

    2. Object Manager

    3. Synchronization

    4. System Worker Threads

    5. Windows Global Flags

    6. Advanced Local Procedure Call

    7. Kernel Event Tracing

    8. Wow64

    9. User-Mode Debugging

    10. Image Loader

    11. Hypervisor (Hyper-V)

    12. Kernel Transaction Manager

    13. Hotpatch Support

    14. Kernel Patch Protection

    15. Code Integrity

    16. Conclusion

  4. Chapter 4 Management Mechanisms

    1. The Registry

    2. Services

    3. Unified Background Process Manager

    4. Windows Management Instrumentation

    5. Windows Diagnostic Infrastructure

    6. Conclusion

  5. Chapter 5 Processes, Threads, and Jobs

    1. Process Internals

    2. Protected Processes

    3. Flow of CreateProcess

    4. Thread Internals

    5. Examining Thread Activity

    6. Worker Factories (Thread Pools)

    7. Thread Scheduling

    8. Processor Share-Based Scheduling

    9. Dynamic Processor Addition and Replacement

    10. Job Objects

    11. Conclusion

  6. Chapter 6 Security

    1. Security Ratings

    2. Security System Components

    3. Protecting Objects

    4. The AuthZ API

    5. Account Rights and Privileges

    6. Access Tokens of Processes and Threads

    7. Security Auditing

    8. Logon

    9. User Account Control and Virtualization

    10. Application Identification (AppID)

    11. AppLocker

    12. Software Restriction Policies

    13. Conclusion

  7. Chapter 7 Networking

    1. Windows Networking Architecture

    2. Networking APIs

    3. Multiple Redirector Support

    4. Distributed File System Namespace

    5. Distributed File System Replication

    6. Offline Files

    7. BranchCache

    8. Name Resolution

    9. Location and Topology

    10. Protocol Drivers

    11. NDIS Drivers

    12. Binding

    13. Layered Network Services

    14. Conclusion

  1. Appendix About the Authors

  2. Appendix More Resources for Developers

    1. Microsoft Press books

  3. Appendix Find the Right Resource for You

Title: Windows Internals, Part 1, Sixth Edition
By: Mark E. Russinovich, David A. Solomon, Alex Ionescu
Publisher: Microsoft Press
Formats: Print, Ebook, Safari Books Online
Print: March 2012
Ebook: March 2012
Pages: 752
Print ISBN: 978-0-7356-4873-9 | ISBN 10: 0-7356-4873-5
Ebook ISBN: 978-0-7356-5656-7 | ISBN 10: 0-7356-5656-8

  1. Mark E. Russinovich

    Mark Russinovich is a Technical Fellow in the Windows Azure group at Microsoft. He is coauthor of Windows SysInternals Administrator's Reference, co-creator of the Sysinternals tools available from Microsoft TechNet, and coauthor of the Windows Internals book series.


  2. David A. Solomon

    David A. Solomon is coauthor of the Windows Internals book series and has taught his Windows internals class to thousands of developers and IT professionals worldwide, including Microsoft staff. He is a regular speaker at Microsoft conferences, including TechNet and PDC.


  3. Alex Ionescu

    Alex Ionescu is a chief software architect and consultant expert in low-level system software, kernel development, security training, and reverse engineering. He teaches Windows internals courses with David Solomon, and is active in the security research community.



Customer Reviews

6/11/2012

4.0

Excellent technical reference

By Jim Schubert

from Richmond, VA

  • Accurate
  • Concise
  • Helpful examples

The content in this book is immense. Don't expect to retain 100% of what you've read because I don't think it's humanly possible.

The content is extremely technical and very low-level. My background is mostly in web development and I realized after reading Chapter 1 that I would need to familiarize myself with WinDbg before continuing on. If you're not familiar with WinDbg, I recommend reading some tutorials. Although some of the experiments in this book will guide you through the WinDbg usage for the experiments themselves, they won't do any good unless you understand what the output really means. Other experiments will use SysInternals tools or others such as utilities from the WDK.

By the end of Chapter 2 and a number of experiments using WinDbg and SysInternals tools, I felt that I was better equipped to debug native applications. In fact, I referred to this book to debug a third-party native library and found that it had not properly released a resource, which helped the developers resolve the issue more quickly.

As an example of the depth of content in this book, there are roughly 20 pages dedicated to the creation of a process.

For System Administrators, I'd highly recommend Chapter 4 which covers the Registry and very valuable experiments related to services (such as viewing which services respond to which triggers).

I'd recommend this book for any engineers who plan to improve their native debugging skills, to develop Windows drivers, or to deepen their knowledge of the Windows operating system. This is not a book for a novice.

I've given this book 4/5 stars. It is a stellar book and it has improved my ability to troubleshoot, while helping me to better familiarize myself with the SysInternals toolset (which I had already used regularly). I would have given 5/5 stars, but the content mostly reads like informal knowledge transfer rather than the average book from Microsoft Press. If it weren't for the language of the experiments, it would read as dryly as (or more dryly than) a textbook. It is one of very few books I would recommend not reading cover-to-cover and instead using as a reference for very specific inquiries.

5/28/2012

5.0

A superb deep dive in the Windows OS

By StockTrader

from Reading, UK

About Me Developer, Sys Admin

  • Accurate
  • Helpful examples
  • Well-written

5/11/2012

4.0

A Useful Deep Technology Book

By New Signature

from Washington, DC

Alex Ionescu, Mark Russinovich and David A. Solomon have all contributed to the rich tapestry of Windows Internals in the past, and their work is, as usual, top-notch. The decision to split the book into two sections was a good one, as it has been almost 3 years since Windows 7 was released, as well as the last Windows Internals volume, which covered Vista and Server 2008. Though it's not their fault, with Server 2012 and Windows 8 due out later this year, the only frustrating part of reading WI6 was the realization that within a year, many design decisions will be out of date.

With that frustration out of the way, the book is quite comprehensive, much like its predecessors. Because it covers both Windows 7 and Server 2008R2, which are evolutionary updates from the kernel present in Vista and 2008, the content is mostly deeper, rather than wider, in nature. Many of the key concepts will not have to be completely relearned if one was already familiar with the underlying architectural decisions. Over the past three years, the tools used in the book have also been updated greatly, and revisiting them is a key improvement. Having the tools documented in a previous work resulted in a quicker learning process as well, which wasn't possible with earlier editions.

From how processes work, to the internal functions of the kernel to power management implications in multi-processor architectures, WI6 lays out every concept in readable detail. Because this isn't designed for the casual systems administrator, or even the mid-level developer, the concepts can get extremely technical in a hurry. As a reference book, WI6 is perfect, but it falls a little flat from a narrative perspective, simply because many of the concepts are interlocking in a way that prevents a serial approach to learning. On the plus side, this ensures that every chapter stands on its own. For fans of the Sysinternals Administrator's Reference, this work is far drier and academic, but no less useful.

For serious developers and system administrators, the tools and methods detailed in WI6 are without equal. As such, it definitely belongs on your wall (or in your Kindle) for advanced troubleshooting. Even when Windows 8 and Server 2012 are released, Windows 7 and Server 2008R2 will continue to be deployed at many enterprises, making this reference work invaluable. Hopefully the second half of the book will be released before those products!


Source: http://feedproxy.google.com/~r/oreilly/mspebookdeal/~3/L2D5bBArGhI/0790145305930.do
