Windows Enterprise Desktop

Jul 10 2009   4:34PM GMT

Windows Internals (Inside Windows) Gets Welcome Update



Posted by: Ed Tittel
Tags:
Alex Ionescu
book review
David A. Solomon
ISBN-13: 978-0735625303
ISBN: 0735625301
Mark Russinovich
Windows 2008
Windows internals
Windows Internals 5e
Windows Vista
Late last week, a small but heavy box showed up at my door. I’d long since forgotten bugging Mark Russinovich last December for a review copy of the latest edition of his Windows internals book: Windows Internals: Including Windows Server 2008 and Windows Vista, 5th edition, co-authored with David A. Solomon and Alex Ionescu, but there it was in my hot little hand. In my odd free moments since then, I’ve been plowing through this 1,260 page book to see what’s new and interesting — though I obviously haven’t had time to read it in its entirety. Keep that caveat in mind as I extoll this book’s many treasures.
Cover shot from Amazon Books

Cover shot from Amazon Books

Here’s another caveat: the primary audience for this book is Windows system developers. They’re the people who will get the most out of its contents, and my lack of in-depth Windows system programming experience probably explains why my eyes glaze over and my mind goes on vacation as I look at certain sections in the book.

That said, there’s a tremendous wealth of information on Windows in here (and from what I can tell, it applies nearly 100% to Windows 7 as well as Windows Vista, thanks to relatively little changes in the kernel and other system facilities between these two most recent desktop Windows versions).  In particular, these are the topics that I found most interesting and illuminating as I flipped through the book for a first quick pass over its contents (I’ll report again from time to time as I dig more deeply into its contents):

  • Chapter 2 System Architecture: learned a thing or two about device drivers, and how to find them, in this chapter.
  • Chapter 3 System Mechanisms: the best coverage of the MS Hyper-V Hypervisor I’ve ever seen anywhere.
  • Chapter 4 Management Mechanisms: as in previous versions, this chapter provides some of the best information about how the Windows registry is structured, and how it works, that I’ve ever seen. Worth the price of admission all by itself.
  • Chapter 5 Processess, Threads, and Jobs: Here’s a tour-de-force illustration of Mark Russinovich’s knowledge of Windows internals, and how nicely the SysInternals tools work to reveal their inner workings.
  • Chapter 6 Security: Provides a killer walkthrough of how Windows performs access checks and uses security identifiers (SIDs) for accounts, groups, and logons. Lots of good detail here on security minutae.
  • Chapter 7 I/O System: includes great sections on Windows Plug and Play (PnP) operation and facilities, and ditto for ACPI/Power Manager.
  • Chapter 8 Storage Management: Best discussions of both BitLocker Drive Encyrption and Volume Shadow Copy Servive (VSS) I’ve seen anywhere.
  • Chapter 9 Memory Management: Another embarrassment of riches, and also worth the price of the book all by itself, especially the sections on physical memmory limits, working sets, and SuperFetch/ReadyBoost/ReadyDrive.
  • Chapter 11 File Systems is worthwhile because it pulls info on all the Windows file systems together in one place and because it provides lots of great information on NTFS in particular.
  • Chapter 12 Networking: lots of good information on the Windows IP stack, NetBIOS, MUP, NLA, LLTD, NAT, and more. I need to spend more time with this chapter to savor it more fully.
  • Chapter 13 Startup and Shutdown: Great excursions into BIOS boot processes, BCD and Bootmgr, EFI boot stuff, plus more on ReadyBoot/ReadyBoost interaction. The great, great section on troubleshooting boot an startup problems is another gem.
  • Chapter 14 Crash Dump Analysis: the second on “The Blue Screen” includes a list of the top 30 stop codes for Windows Vista, and included all my old familiars, for sure. The in-depth discussion of crash dump analysis includes basic and advanced sections, and is also sure to reward further study.

Anybody who works with Windows regularly and needs to understand its inner working will find their investment in this book amply repaid. It is worth every bit of the $38 to $70 you’ll pay for it by shopping online. My only beef about this book is that it’s a monster, at over 1,200 pages and 4.4 pounds, it’s a bit too heavy to read in your lap or hold in your hands for very long. You’ll want to plant this puppy on a table to flip through its many useful bits of information.

Here’s a full citation: Mark Russinovich, David A. Solomon, and Alex Ionescu: Windows Internals: Including Windows Server 2008 and Windows Vista, Fifth Edition, Microsoft Press, 6/17/2009, ISBN-13: 978-0735625303.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: