July 25, 2011

Book Review: Windows Sysinternals Administrator’s Reference

When it comes to all things Microsoft, no one is held in greater esteem (sorry, Bill G!) than Mark Russinovich. As the founder of Sysinternals (later acquired by Microsoft itself), he poked more deeply into the Windows kernel than any non-Microsoft employee, exposing hidden API hooks and developing powerful tools to help system administrators and developers alike. From the ps suite of tools to the legendary Process Monitor and Process Explorer, Russinovich literally wrote the book on the internals of Windows systems.

Now he’s followed up with the book on how to troubleshoot Windows operating systems, the Windows Sysinternals Administrator’s Reference. In collaboration with co-author Aaron Margosis, he presents an overview of the entire Sysinternals suite of tools, and then methodically goes through the use of each one, presenting tables and graphics to accompany his explanations of their use.

This book isn’t for the faint of heart. If you didn’t enjoy the Windows Internals series, you’re not likely to be able to use this volume, but for those of us who live and breathe through Sysinternals (or just occasionally pick up Process Monitor to fool around with) it’s a godsend. Until now, there has never been a way to learn in exhaustive detail how the tools work without diving through multiple forums and waiting for days. With a Windows 7 computer, reliable access to the internet, and this book, you could spend weeks learning the nuances of the entire toolset.

Russinovich’s style is breezy but detailed, and within a few chapters I’d already learned more about tools I use regularly each week than I had in the previous several years. Whether troubleshooting a pesky memory leak, speeding up boot times, or getting to the bottom of a frustrating crash, there’s a tool in the Sysinternals suite for each scenario. The newer tools that allow you to see memory allocation (for physical and virtual machines) aren’t skimped on either, so there’s something for even the most experienced Sysinternals veteran. Armed with this book, no problem is too daunting, and as such, it should be on every system administrator’s desk wedged between the Windows PowerShell Pocket Reference and Mastering Regular Expressions, Third Edition.
