and over one million other books are available for Amazon Kindle. Learn more
CDN$ 48.33
  • List Price: CDN$ 51.95
  • You Save: CDN$ 3.62 (7%)
Only 1 left in stock (more on the way).
Ships from and sold by
Gift-wrap available.
Add to Cart
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Winternals Defragmentation, Recovery, and Administration Field Guide Paperback – Aug 21 2006

Amazon Price New from Used from
Kindle Edition
"Please retry"
"Please retry"
CDN$ 48.33
CDN$ 32.95 CDN$ 3.27

Join Amazon Student in Canada


Product Details

Inside This Book (Learn More)
Explore More
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index
Search inside this book:

Customer Reviews

There are no customer reviews yet on
5 star
4 star
3 star
2 star
1 star

Most Helpful Customer Reviews on (beta) 1 review
4 of 4 people found the following review helpful
Surprisingly good, even if you only use free Sysinternals tools Aug. 25 2006
By Richard Bejtlich - Published on
Format: Paperback
I starting looking at Winternals shortly after Microsoft acquired the Winternals company. I almost didn't read the book, because I do not use the commercial Winternals tools. When I saw the book covered tools available from Sysinternals, I decided to concentrate on information relevant to me. I'm glad I did -- Winternals is a remarkably helpful book.

The most surprising aspect of Winternals is the focus on malware detection and removal. I expected the book to basically explain the tools and their options. I did not imagine the authors would provide multiple examples of fighting malware with Sysinternals utilities. Some of the discussion of kernel-mode rootkit removal is a little naive and outdated, given recent advances in the field. However, I really liked seeing more-or-less real-world examples of proper tool usage.

My concerns with Winternals are the same ones I usually express when I read a book by multiple authors: internal redundancy. Ten authors and one technical editor wrote Winternals. As a result, the Windows registry is "introduced" several times in the book. The same goes for popular tools like FileMon, RegMon, and PsList. Removing these redundancies is the job of the lead author or editor. Since Winternals seems to feature neither party, the book is internally redundant.

In some cases I felt introductory material wasn't necessary. For example, I didn't need ot read about DNS and Whois in Ch 8. I imagine most people reading Winternals already know how those protocols work.

Minor problems include appearances of odd text formatting and some screenshots being too small to really decipher. I didn't see many obvious typos, although the mention of "Syng set" on p 334 should say "SYN sent."

Despite these issues, I liked reading Winternals. Windows-centric security analysts, incident responders, and desktop engineers who are beginning to use Sysinternals and Winternals tools will find this book invaluable.