IT Trenches:

debugging

Nov 11 2008   4:07PM GMT

Did you see this? - Microsoft SharePoint Toolkit



Posted by: Troy Tate
administration, Networking, tools, Microsoft Windows, Monitoring, Development, reporting, internet, WAN, LAN, debugging, performance monitoring, SharePoint, design, MOSS, troubleshooting, Performance, howto, network analysis, Metrics, awareness, diagnostics, toolkit, analysis

Many organizations are finding value in the Microsoft SharePoint technologies. Whether you use the free Windows SharePoint Services or the Microsoft Office SharePoint Server, your organization will gain a lot of value from using these services. To enhance your ability to manage these technologies, there is a project on Codeplex called the SharePoint Toolbox. Per the website, the purpose of this project is as follows:

This project includes powerful and useful tools and add-ons for SharePoint that help developers and IT pros implement SharePoint-based solutions more quickly and manage them more effectively. Contributions will come from the Microsoft SharePoint Product Group, Microsoft SharePoint Online Services Group, Microsoft Information Technology Group, and Microsoft Consulting Services Group.

I have personally used the CopyTimer utility to measure throughput from remote sites to a SharePoint server. It worked well and helped gather some excellent data about the site and global network performance.

Enjoy using these tools and give me some feedback on what you find useful and how SharePoint provides value to your organization.

Nov 11 2008   3:51PM GMT

Did you see this? - MS08-067 and the Security Development Lifecycle



Posted by: Troy Tate
administration, Security, Microsoft Windows, patching, Development, debugging, Data security, malware, design, Microsoft, server, risk, awareness, blog, vulnerability, analysis

As you probably already know, Microsoft recently issued an urgent out-of-cycle security patch for the bulletin "Vulnerability in Server service could allow remote code execution". Look here for additional Microsoft Security Vulnerability Research and Defense information about this bulletin. If you have not already applied this patch, I urge you to do so, as there are reports of MS08-067 exploits in the wild for this vulnerability. For those of you who are developers and QA testers and wonder how this vulnerability slipped through testing at Microsoft, look at this article about MS08-067 and the Security Development Lifecycle. As many of the responses to this blog posting say: keep code as simple as possible. Automated testing is not a panacea, and keeping things simple may head off significant problems later for all users and administrators.


Oct 6 2008   1:12PM GMT

Did you see this? - Process monitor now does TCP/UDP monitoring



Posted by: Troy Tate
administration, Networking, forensics, Security, tools, Microsoft Windows, Monitoring, reporting, internet, LAN, debugging, Data security, malware, performance monitoring, recovery, Microsoft, anti-virus, troubleshooting, Performance, howto, network analysis, Sandbox, packet capture, research, diagnostics, Sysinternals, toolkit, analysis

If you ever need to get under the covers of running Windows processes for investigating why a system is running slow, then the Sysinternals toolkit has an updated tool that will help you. Per the website:

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such as session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.

Process Monitor runs on Windows 2000 SP4 with Update Rollup 1, Windows XP SP2, Windows Server 2003 SP1, and Windows Vista as well as x64 versions of Windows XP, Windows Server 2003 SP1 and Windows Vista.

I had previously talked about the Sysinternals Live website. This update to one of the excellent tools is well worth your time in investigating. Take a look at the updated tool here. The entire Sysinternals toolset can be found here.

If you have not used these tools yet, then you are definitely missing a critical item for being successful in your IT position. Check them out… it may save your reputation some time!


Oct 3 2008   7:59PM GMT

Did you see this? - Open Source Tools University



Posted by: Troy Tate
administration, Networking, Firewalls, forensics, Security, tools, Monitoring, reporting, internet, IT education, WAN, LAN, debugging, Data security, SSL, performance monitoring, blogging, design, anti-virus, troubleshooting, Performance, howto, network analysis, Sandbox, Metrics, wireshark, packet capture, research, blog, podcast, diagnostics, toolkit, analysis

If you are like me, you like those little goodie tools like nmap and wireshark that do something that is actually pretty complex but do it well and have a great following. I just came across this website that I am going to have to take some time to go through and find all of the nuggets it offers. Hope you get some use out of it too and let us know what you discover and how it made your job easier.

LoveMyTool

There are presentations on this site like the Wireshark IO Graph for Response Time Analysis (by Ray Tompkins). This should be a great online learning experience. You will find contributors like Sake Blok, a Wireshark Core Developer, and Denny K Miu of StartupforLess.org - A Survival Guide for Bootstrapping Entrepreneurs.


Oct 2 2008   12:00PM GMT

My server is hung! What do I do? - debugging resources



Posted by: Troy Tate
administration, tools, Microsoft Windows, reporting, debugging, performance monitoring, recovery, server, troubleshooting, Performance, howto, diagnostics, toolkit

Debugging a dump from a hung server may not be something you do every day, so you may want to engage with a Microsoft debug expert. However, with this information as your guide, you may find that you can narrow down a problem and save yourself a call.

My Server is hung - what do I do?

http://blogs.msdn.com/ntdebugging/archive/2008/09/12/red-alert-my-server-is-hung-what-do-i-do.aspx

If you need additional background on debugging, this article can get you started:

Basics of Debugging Windows

http://blogs.msdn.com/ntdebugging/archive/2008/08/28/basics-of-debugging-windows.aspx

·  Collect a kernel dump: http://support.microsoft.com/kb/244139

·  Set up the debugger: http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx

·  Know how to use the symbol server: http://support.microsoft.com/kb/311503

Additional resources that you may find useful (including links to the tools, book recommendations, etc.):

·  Microsoft Debugging Tools

·  ADPlus – An automated way to use cdb.exe to capture/create a user-mode dump when a process hangs or crashes (more info - http://msdn.microsoft.com/en-us/library/cc265629.aspx or KB286350)

·  Public Symbols for Microsoft Operating Systems:

o   Microsoft Public Symbol server: srv*DownstreamStore*http://msdl.microsoft.com/download/symbols

o   example: srv*c:\mysyms*http://msdl.microsoft.com/download/symbols

o   Microsoft Symbol packages: http://www.microsoft.com/whdc/devtools/debugging/symbolpkg.mspx#d

·  Use !analyze -v to gather additional information about the bugcheck and a bucket-id for your dump file. The bucket-id can be submitted to Microsoft for review for similar crashes and resolutions. Try using the Microsoft Online Crash Analysis to submit your crash dump bucket-id for possible follow up from Microsoft or for Microsoft to look for trends: http://oca.microsoft.com/en/Welcome.aspx

·  For concepts, tools and information about the system architecture:  http://msdn.microsoft.com/en-us/default.aspx

·  Windows Internals, 4th edition (by Mark E. Russinovich & David A. Solomon): the whole book or Chapter 14 - Crash Dump Analysis

·  Advanced Windows Debugging (by Mario Hewardt & Daniel Pravat):  http://technet.microsoft.com/en-us/default.aspx

·  How to Access the User Mode Debugger from the Kernel Debugger

·  How can I find out why the Cluster Resource Monitor dumped – Access Violation

·  1394 Kernel Debugging Tips and Tricks [WinHEC 2004; 373 KB]

·  Debugging Windows Vista
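
The symbol server path and !analyze -v steps listed above can be run unattended to pull the bucket-id out of a kernel dump. The script below is an added example, not part of the original post; the kd.exe install path, the dump location and the analyze.log file name are assumptions to adjust for your system.

```powershell
# Added example (not from the original post). Paths below are assumptions.
param(
    [string]$Dump  = 'C:\Windows\MEMORY.DMP',   # assumed kernel dump location
    [string]$Kd    = 'C:\Program Files\Debugging Tools for Windows\kd.exe',  # assumed install path
    [string]$Store = 'c:\mysyms'                # downstream store, as in the post's example
)

foreach ($p in $Dump, $Kd) {
    if (-not (Test-Path -LiteralPath $p)) { throw "Not found: $p" }
}

# Symbol path syntax from the post: srv*DownstreamStore*SymbolServerURL
$symPath = "srv*$Store*http://msdl.microsoft.com/download/symbols"

# -z opens the dump file, -y sets the symbol path, -c runs the commands and quits.
$out = & $Kd -z $Dump -y $symPath -c '!analyze -v; q'
$out | Set-Content -Path 'analyze.log'   # keep the full output for later review

# Fields printed by !analyze -v; which ones appear depends on the debugger version.
$wanted  = 'BUGCHECK_STR', 'DEFAULT_BUCKET_ID', 'PROCESS_NAME',
           'IMAGE_NAME', 'BUCKET_ID', 'FAILURE_BUCKET_ID'
$summary = [ordered]@{ Dump = $Dump }
foreach ($line in $out) {
    if ($line -match '^\s*([A-Z_]+):\s+(\S.*?)\s*$' -and $wanted -contains $Matches[1]) {
        $summary[$Matches[1]] = $Matches[2]
    }
}

# A bucket-id computed without matching symbols points at the wrong module.
if ($out -match 'not using the correct symbols') {
    Write-Warning 'Symbols did not resolve; check the symbol path and access to the symbol server.'
}
if (-not ($summary.Contains('BUCKET_ID') -or $summary.Contains('FAILURE_BUCKET_ID'))) {
    Write-Warning 'No bucket-id found in the output; review analyze.log.'
}

[pscustomobject]$summary
```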