Windows Internals. System architecture, processes, threads, memory management, and more
16+
2.8(3 оценки)
1 рецензия
С момента выхода предыдущего издания этой книги операционная система Windows прошла длинный путь обновлений и концептуальных изменений, результатом которых стала новая стабильная архитектура ядра Windows 10.
Книга «Внутреннее устройство Windows» создана для профессионалов, желающих разобраться
Полная аннотация
Все характеристики
Аннотация
С момента выхода предыдущего издания этой книги операционная система Windows прошла длинный путь обновлений и концептуальных изменений, результатом которых стала новая стабильная архитектура ядра Windows 10.
Книга «Внутреннее устройство Windows» создана для профессионалов, желающих разобраться во внутренней жизни основных компонентов Windows 10. Опираясь на эту информацию, разработчикам будет проще находить правильные проектные решения, создавая приложения для платформы Windows, и решать сложные проблемы, связанные с их эксплуатацией. Системные администраторы, зная что находится у операционной системы «под капотом», смогут разобраться с поведением системы и быстрее решать задачи повышения производительности и диагностики сбоев. Специалистам по безопасности пригодится информация о борьбе с уязвимостями операционной системы.
Прочитав эту книгу, вы будете лучше разбираться в работе Windows и в истинных причинах того или иного поведения ОС.
7-е издание.
Характеристики
Тип обложки
7Б — твердая (плотная бумага или картон)
Оформление
Тиснение золотом, частичная лакировка
Все характеристики
The definitive guide–fully updated for Windows 10 and Windows Server 2016
Delve inside Windows architecture and internals, and see how core components work behind the scenes. Led by a team of internals experts, this classic guide has been fully updated for Windows 10 and Windows Server 2016.
Whether you are a developer or an IT professional, you’ll get critical, insider perspectives on how Windows operates. And through hands-on experiments, you’ll experience its internal behavior firsthand–knowledge you can apply to improve application design, debugging, system performance, and support.
This book will help you:
· Understand the Window system architecture and its most important entities, such as processes and threads
· Examine how processes manage resources and threads scheduled for execution inside processes
· Observe how Windows manages virtual and physical memory
· Dig into the Windows I/O system and see how device drivers work and integrate with the rest of the system
· Go inside the Windows security model to see how it manages access, auditing, and authorization, and learn about the new mechanisms in Windows 10 and Server 2016
Brief content visible, double tap to read full content.
Full content visible, double tap to read brief content.
I’ve been living, breathing, and training in operating systems and cybersecurity technology for almost two decades, and there’s nothing I love more. In part thanks to my ground-breaking research and wealth of Windows Internals knowledge, I am honored to have been recently recognized by the United States Government as an Alien of Extraordinary Ability, “demonstrating internationally recognized extraordinary abilities in the sciences through sustained national or international acclaim.”
As a developer, I started my career as one of the key lead kernel developers on the open source ReactOS project, and re-implemented from scratch, based on reverse engineering and black box testing, large parts of the Windows XP/2003 kernel (which was, at the time, current). Throughout that work, I uncovered dozens of vulnerabilities and just plain old bugs in the kernel and its many associated subsystems and drivers, both in user-mode and kernel-mode. I then moved on to work at Apple, Inc. where I was an intern and then part-time remote software engineer while completing my studies, and worked on the Core Platform team, where I helped port both iOS and iBoot, as well as related drivers, to exciting new platforms, ARM architectures, and SOCs, as well as worked on interesting and varied user-mode infrastructure such as SpringBoard, Mach RPC, and CoreAnimation. Finally, I joined CrowdStrike, Inc., as part of its launch team over five years ago, where I initially started as its Chief Architect, responsible for the overall vision and design of its endpoint security product, and have recently taken on a new role as the Vice President of EDR Strategy, to help cement its lead in the market and unparalleled visibility into operating system behaviors.
As a reverse engineer, I began tearing apart Windows long before my involvement with ReactOS. While now having joined the relics of GeoCities, Planet Source Code was a popular coding website where developers compete against one another to win the coveted “Superior Code Award”. Each of my 8 submissions gathered exclusively five-star reviews, and I had won the award three times by the time I moved on. My ongoing reverse engineering work and research led me to first publish at Recon in 2006 and BlackHat in 2008, followed by many more security conferences, where I have now participated in for over a decade.
Finally, as a teacher and technical writer, I first began by publishing an 125-page paper on Windows Internals on Planet Source Code, which covered key windows structures in the NT kernel, and was one of the first to leverage the use of Microsoft’s Public Symbol Files (PDB) to extract type data from the kernel. I later followed-up with an entire reverse engineering overview of the Visual Basic 6 File Format, which was used by many decompilers at the time (as well as some contracting work on the side). Finally, I eventually published a similar guide on the NTFS File Format, which greatly helped the ntfs-3g Linux Project achieve a more consistent understanding of the various data structures involved. I began giving small presentations on ReactOS and NT internals at various locations, including a presentation at Waterloo University in Canada, which eventually led to my contracting with David Solomon Expert Seminars, Inc., a real titan in the Windows Internals training world. Just as Winternals and Mark Russinovich had been acquired by Microsoft, I was contracted to “fill his shoes” (an impossible task) and began giving regular trainings at Microsoft for David, followed by a growing list of additional customers and organizations.
I now own my own consulting company, Winsider Seminars & Solutions, Inc., and continue to focus on researching, writing, and writing, about Windows. Please visit our training offerings on the site at http://www.windows-internals.com to see if our topics are of interest, or feel free to shoot me an e-mail if you have something custom in mind.
Windows NT File System Internals
Early NT
Information on the Windows NT Kernel, IO Subsystem, NT Cache Manager and Virtual Memory manager, and more
Inside Windows 2000 Third Edition
Early NT 5
This book is on Windows 2000, the Improvements and additions over NT4, New features never before seen in Windows NT and more.
Windows Internals 4th Edition
NT 5
This book focuses on Windows 2000, XP and Server 2003 system internals, functions, processes and in-depth descriptions of certain APIs and the Kernel
Windows Internals 5th Edition
Early NT 6
This book looks into the Internals of the start of NT 6 (Vista\2k8) .
Windows Internals 6th Edition
NT 6
6th Edition contains updates to the NT 6 Codebase, learn about updated Features, Functions and Subsystems in NT6
Windows Internals 7th Edition Part 1
NT 6+
This book delves into the key components relating to NT’s System, Windows Kernel and more
Windows Kernel Internals (slides)
Some documentation for specifics on the Kernel itself, these documents and individual for each subject.
Windows Kernel Overview
(Part 1) Coverage on the topics covered in the Windows Kernel Internals Documentation
Windows Kernel Overview II
(Part 2) Further coverage on the topics covered in the Windows Kernel Internals Documentation
Kernel Extentions
Information on different types of Extentions available to the Kernel, along with what supports Kernel-Mode Extentions
Windows Driver Models
Details on types of Drivers the Kernel can make use of, how Drivers communicated with their requested features and more.
Windows Driver Foundation
Info and examples on Framework-based Drivers, what they call upon (IO, Device Descriptors etc.) and more.
x86 Traps, Interrupts and Exceptions
Overviews on x86 assembly, conventions, instruction set as well as other features in the x86 Architecture
Object Manager & LPC
Details on the Kernel’s Object Manager througout the OS, supported Object Types and various different uses and methods..
Virtual Machine Architecture
Explinations on how Virtual machine model run on Windows OS, VMM Kernel configuration, components of the Virtualisation system and more.
Processes, Threads and Virtual Memory
Detailed overviews on various precedures Processes, Threading and the Virtual Memory Manager take.
Advanced File Systems
Information on set filesystems, their device stack and mapping, file handling on NTFS and more.
Adv. Virtual Memory
Details on Advanced capabilities of Virtual memory
Cache Manager
Explanation on how the Cache Manager interacts between filesystems and the OS, procedures and functions is takes and more.
IO Architecture
Details on ins and outs of the IO Manager, how it can interact with data, drivers and the OS, dealing with IO Failures, crashes and more.
Lightweight Procedure Calls (LPC)
Overview on what it is and does, it’s architecture and various info on LPC Connection.
NTFS
Specific details and functions of the New Technology File System.
NT Registry Implementation
Information on how the Windows/NT Registry Model, supported APIs, Hive specifics and more.
Object Manager
Information on the NT Object Manager and it’s Name Space functions, IO, File Handling and more
Process Architecture
Overview on functions, features and capabilities of Processes, process bring up and maintinence, and more.
Synchronization Mechanisms
*Details on this I cannot explain myself.. If someone can assist here I would be greatful*
Thread Scheduling
Details on Process Threads, how the CPU controls Threads, different calls used, API functions and how they talk to the Kernel..
Traps Interrupts Exceptions
Information on ACPI model in ‘standard’ Intel CPUs of the time, NT Specific inturrupts, examples on trapped exceptions and more.
User-mode Heap Manager
Overview on aspects of the NT Heap model, benefits and issues with the method with Stats on tests run against the NT standard
Virtual Memory
Explanation on Features available to Virtual Memory, it’s Internal APIs used, Memory mapping/management and more
Win32K
Details on the Kernel side of Windows Subsystem, its entry points and related binaries, it’s Initialization with certain system components (winlogon, csrss) and more.
Windows Services
Overview on types of Services and it’s architecture model, the Service Controller API, writing a Service and more.
Sys-Internals Books and Debugging
Here is an assorted collection of books from Sysinternals and some topics on Debugging Windows
Windows Sysinternals Administrator’s Reference
«You’ll drill into the features and functions of dozens of free file, disk, process, security, and Windows management tools»
Troubleshooting with the Windows Sysinternals Tools
Learn how to troubleshoot and debug Windows with the collection of tools available from Systinternals
Inside Windows Debugging
Learn how to use Windows Debugging Tools, and learn techniques and tips on how and why features work the way they do and why they break.
Windows for Dummies
Here are some books from the ‘for Dummies’ series specific to Windows OS
Windows Server 2003 for Dummies
Ideal for Beginners who what to set up Windows Server for the first time!
Windows XP Hacks & Mods for Dummies
Full of tweaks and tips to customize Windows XP to the fullest!
Other Windows Books
The Old New Thing — Practical Development Throughout the Evolution of Windows
EPUB FORMAT
Page was built with Mobirise templates
Время на прочтение2 мин
Количество просмотров27K
Представляем вашему вниманию очередную новинку нашего издательства — долгожданное шестое издание легендарной книги Windows Internals, написанное Марком Руссиновичем, Дэвидом Соломоном и примкнувшим к ним в новом издании Алексом Ионеску.
Шестое издание книги Windows Internals охватывает внутреннее ядро компонентов Windows 7 и Windows Server 2008 R2.
Эта книга поможет вам:
- Понять, как работает ядро системы и механизмы управления начиная от диспетчера объектов до реестра.
- Узнать больше о системе внутренней структуры данных, используя такие инструменты, как отладчик ядра.
- Изучить изнутри модель безопасности Windows, чтобы увидеть, как она разрешает доступ к данным.
- Понять, как происходит управление физической и виртуальной памятью в Windows.
- Изучить сетевой стек Windows начиная с верхов до самых низов, включая API протоколов драйверов и драйверов сетевых адаптеров.
- Понять проблемы доступа к файловой системе и проблемы при загрузке системы.
- Узнать, как анализировать сбои.
Много писать о книге, пожалуй, не имеет смысла — Windows Internals прекрасно знакома всем специалистам по администрированию Windows и разработке приложений как основной учебник для углубленного изучения ядра данной операционной системы.
К сожалению, исторически сложилось так, что релиз оригинального издания выходит, как правило, спустя несколько лет после очередного релиза Windows, и иногда печатное издание поступает продажу, когда актуальна уже новая версия ОС. Так случилось и в этот раз.
Еще одним нововведением издания стало то, что впервые книга была разбита на два тома, с полугодовалым разрывом в выходе. Соответственно, представляемое русское издание — это перевод первого тома Windows Internals, второй в данный момент готовится к выпуску в нашем издательстве.
Оглавление книги можно посмотреть здесь, а отрывок прочитать здесь.
- книга на piter.com (доступна электронная версия!)
- книга на ozon.ru
- страница книги на сайте Microsoft