 |
Winternals Defragmentation, Recovery, and Administration Field Guide
Be the First to Write a Review and tell the world about this title!People who purchase this book frequently purchase: Books on similar topics, in best-seller order:Books from the same publisher, in best-seller order:
The Only Book for the Leading Winternals Tools Used in Microsoft Networks!
"Winternals first came to my rescue in November of 1999. It was then
that I purchased my Winternals Administrator’s Pak. It contained BlueSave
Version 1.01, ERD Commander Professional Version 1.06, Monitoring Tools (Filemon
and Regmon) Enterprise Editions Version 1.0, NTFSDOS Professional Version 3.03,
NTRecover Version 1.0, and Remote Recover Version 1.01. We had a Windows NT
4 server in the dead zone. I spent a few hours reading over the ERD and Remote
Recover user guides, created a “client floppy,” and began my quest.
Thank goodness that version of ERD had the ability to access NT-defined fault-tolerant
drives. Within a few hours we had recovered the system and were back up and
running. With that success, I thought back on hundreds of earlier incidents
that made me wish I had purchased Winternals sooner. We have come a long way
since then; the Winternals team has improved upon and added many tools and features
to the Administrator’s Pak utilities. One thing remains constant—in
the Microsoft administrator’s world, Winternals is a lifesaver."
–from the Foreword by Dave Kleiman
· Master ERD Commander 2005
Use the ERD Commander to make a boot disk, run the Locksmith, remove hotfixes,
access restore points, and more.
· Explore Process Activity with Process Explorer
Use Autoruns and Process Explorer together to troubleshoot startups and combat
malware.
· View the Security Settings of Your Computer
Use the various Winternals tools to monitor users and shared resources, investigate
suspicious local files, and search for installed rootkits.
· Use Sysinternals Tools to Monitor Active Sessions
Use FileMon to view all file activity and Regmon to view all Registry activity.
· Integrate with Windows’ System Programs
Manage disk fragmentation, get extended file/disk information, and manage disk
utilization.
· Perform Data Recovery
Recover data across a network, recover files, and restore lost active directory
data.
· Troubleshoot System Failures
Make sense of a Windows crash, identify errant drivers, detect problematic file
and registry accesses, and more.
· Monitor Connections with TCPTools
View active network connections and identify problematic network applications
using TCPView and TDIMon.
· Optimize NT 4.0 Systems
Extend the Life of NT 4 systems using CacheSet, Contig, PMon, and Frob.
Table of Contents
Recovering Your Computer with ERD Commander 2005
Examining Your Computer
Checking the Security of Your Computer
Computer Monitoring
Disk Management
Recovering Lost Data
System Troubleshooting
Network Troubleshooting
Tools for Programmers
Working with the Source Code
NT 4.0-Only Tools
Having Fun with Sysinternals
About the Authors
Dave Kleiman (CAS, CCE, CIFI, CISM, CISSP, ISSAP, ISSMP, MCSE) has worked
in the information technology security sector since 1990. Currently, he is the
owner of SecurityBreachResponse.com and is the Chief Information Security Officer
for Securit-e-Doc, Inc. Before starting this position, he was Vice President
of Technical Operations at Intelliswitch, Inc., where he supervised an international
telecommunications and Internet service provider network. Dave is a recognized
security expert. A former Florida Certified Law Enforcement Officer, he specializes
in computer forensic investigations, incident response, intrusion analysis,
security audits, and secure network infrastructures. He has written several
secure installation and configuration guides about Microsoft technologies that
are used by network professionals. He has developed a Windows operating system
lockdown tool, S-Lok. Dave was a contributing author to Microsoft Log Parser
Toolkit (Syngress Publishing, ISBN: 1-932266-52-6). He is frequently a speaker
at many national security conferences and is a regular contributor to many security-related
newsletters, Web sites, and Internet forums. Dave is a member of several organizations,
including the International Association of Counter Terrorism and Security Professionals
(IACSP), International Society of Forensic Computer Examiners® (ISFCE),
Information Systems Audit and Control Association® (ISACA), High Technology
Crime Investigation Association (HTCIA), Network and Systems Professionals Association
(NaSPA), Association of Certified Fraud Examiners (ACFE), Anti Terrorism Accreditation
Board (ATAB), and ASIS International®. He is also a Secure Member and Sector
Chief for Information Technology at The FBI’s InfraGard® and a Member
and Director of Education at the International Information Systems Forensics
Association (IISFA).
Laura E. Hunter (CISSP, MCSE, MCT, MCDBA, MCP, MCP+I, CCNA, A+, Network+,
iNet+, CNE-4, CNE-5) is a Senior IT Specialist with the University of Pennsylvania,
where she provides network planning, implementation, and troubleshooting services
for various business units and schools within the university. Laura was recently
awarded the prestigious MVP award as a Microsoft Most Valued Professional.
|
|
