Mark Russinovich joins Andrew Richards and Larry Larsen on this episode of Defrag Tools to talk about the history of Sysinternals, his involvement with the Windows Internals book series, and advice on cybersecurity. Learn about new tools, retired tools and tools that never got completed. Get advice on troubleshooting. Get advice on how to survive a cyber attack. And much, much more...
Write a comment before 24th Sept. for a chance to win a signed copy of Trojan Horse!
All of Mark's videos on Channel 9 and talks at conferences. Of note:
* Case of the Unexplained...
* Mysteries of Memory Management Revealed - Part 1, Part 2
* Malware Hunting with the Sysinternals Tools
* RSA Conference 2012 -- Zero Day: A Non-Fiction View
* Inside Windows 7
* Inside Windows 7 Redux
* Windows 7 and Windows Server 2008 R2 Kernel Changes
* Windows Vista and Windows Server 2008 Kernel Changes
Sysinternals Administrator's Reference - [Amazon]
Windows Internals books:
* 4th Edition - Windows XP and Windows Server 2003 - [Amazon]
* 5th Edition - Windows Vista and Windows Server 2008 - [Amazon]
* 6th Edition - Windows 7 and Windows Server 2008 R2 - [Amazon: Part 1, Part 2]
* Zero Day - A Novel - [Amazon]
* Trojan Horse - A Novel - [Amazon]
* Operation Desolation - A Short Story - [Amazon]
[00:00] - How did Sysinternals start?
[02:20] - Tools that never got released and tool retirement
[03:55] - The most complex tool - Process Explorer
[04:51] - Favorite tool - ZoomIt
[07:01] - Windows Internals books
[10:54] - What's the best way to learn how to troubleshoot?
[12:47] - Do traditional techniques work when analyzing viruses?
[13:49] - Cybersecurity awareness
[14:40] - Cybersecurity novels
[16:28] - Cybersecurity advice for corporations and individuals
[20:25] - White Listing
[22:53] - User Account Control (UAC)
[29:55] - Winternals vs Sysinternals vs Windows Internals
[31:08] - New Windows 8 features/support in the Sysinternals tools:
* Process Explorer v15.1
* Process Monitor v3.0
* ProcDump v5.0
* RAMMap v1.2
* DebugView v4.78
* AccessChk v5.1
[33:57] - Windows Internals 7th edition (for Windows 8)? Windows Azure Internals?
[36:47] - New tools - PsPing, RAMMap, VMMap
[40:33] - Win a signed copy of Trojan Horse!