Winternals Defragmentation, Recovery, and Administration Field Guide Paperback – 21 Aug 2006
|New from||Used from|
- Choose from over 13,000 locations across the UK
- Prime members get unlimited deliveries at no additional cost
- Find your preferred location and add it to your address book
- Dispatch to this address when you check out
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
About the Author
Dave Kleiman (CAS, CCE, CIFI, CISM, CISSP, ISSAP, ISSMP, MCSE) has worked in the Information Technology Security sector since 1990. Currently, he is the owner of SecurityBreachResponse.com, and is the Chief Information Security Officer for Securit-e-Doc, Inc. Before starting this position, he was Vice President of Technical Operations at Intelliswitch, Inc. where he supervised an international telecommunications and Internet service provider network. Dave is a recognized security expert. A former Florida Certified Law Enforcement Officer, he specializes in computer forensic investigations, incident response, intrusion analysis, security audits, and secure network infrastructures. He has written several secure installation and configuration guides about Microsoft technologies that are used by network professionals. He has developed a Windows Operating System lockdown tool, S-Lok (www.s-doc.com/products/slok.asp), which surpasses NSA, NIST, and Microsoft Common Criteria Guidelines. Dave was a contributing author to Microsoft Log Parser Toolkit (Syngress Publishing, ISBN: 1-932266-52-6). He is frequently a speaker at many national security conferences and is a regular contributor to many security-related newsletters, Web sites, and Internet forums. Dave is a member of several organizations, including the International Association of Counter Terrorism and Security Professionals (IACSP), International Society of Forensic Computer Examiners' (ISFCE), Information Systems Audit and Control Association' (ISACA), High Technology Crime Investigation Association (HTCIA), Network and Systems Professionals Association (NaSPA), Association of Certified Fraud Examiners (ACFE), Anti Terrorism Accreditation Board (ATAB), and ASIS International' He is also a Secure Member and Sector Chief for Information Technology at The FBI's InfraGard' and a Member and Director of Education at the International Information Systems Forensics Association (IISFA).
Most Helpful Customer Reviews on Amazon.com (beta)
The most surprising aspect of Winternals is the focus on malware detection and removal. I expected the book to basically explain the tools and their options. I did not imagine the authors would provide multiple examples of fighting malware with Sysinternals utilities. Some of the discussion of kernel-mode rootkit removal is a little naive and outdated, given recent advances in the field. However, I really liked seeing more-or-less real-world examples of proper tool usage.
My concerns with Winternals are the same ones I usually express when I read a book by multiple authors: internal redundancy. Ten authors and one technical editor wrote Winternals. As a result, the Windows registry is "introduced" several times in the book. The same goes for popular tools like FileMon, RegMon, and PsList. Removing these redundancies is the job of the lead author or editor. Since Winternals seems to feature neither party, the book is internally redundant.
In some cases I felt introductory material wasn't necessary. For example, I didn't need ot read about DNS and Whois in Ch 8. I imagine most people reading Winternals already know how those protocols work.
Minor problems include appearances of odd text formatting and some screenshots being too small to really decipher. I didn't see many obvious typos, although the mention of "Syng set" on p 334 should say "SYN sent."
Despite these issues, I liked reading Winternals. Windows-centric security analysts, incident responders, and desktop engineers who are beginning to use Sysinternals and Winternals tools will find this book invaluable.