Kernel-mode dump analysis

I’ve already covered the different types of memory dump in a previous blog entry, so this is a quick dip into how we manually trigger a bugcheck to create a memory dump on demand, and also how we can take a look inside the kernel of a running OS without crashing it.   Crash Landing…

Analyzing User Mode Dumps

So you’ve managed to get a dump from a process… now what? Dump analysis is a skill that requires a bit of knowledge of how processors work, how to read assembly language, how functions are called, what stacks and heaps are, and so on – it’s way beyond the scope of a blog to give…

User-mode dump creation (Vista onwards)

The ADPlus method of creating dumps is still valid after Windows Server 2003; however, there is an easier way to have the OS create the same data, which was introduced in Windows Vista… Hung Jury For processes that are hung or consuming lots of CPU time, you can use Task Manager to create hang…

User-mode dump creation (pre-Vista)

For applications that are crashing or hanging, you will need to have the Debugging Tools for Windows present on the machine, and use the script ADPlus.vbs to attach the command line debugger (cdb.exe) to create dump files. To keep the examples simple I will assume the tools were installed in the folder C:\Debuggers, and the…

Goodness gracious, great walls of fire

Ask most people what the default rules should look like for a network firewall and they will likely say “drop” or “stealth” – i.e. if the source address:port & destination address:port combination is not matched then the traffic is silently ignored. This is often perceived as being more secure than rejecting the connection attempts, based…

Windows System Resource Manager (WSRM) – does exactly what it says on the tin

Originally introduced in Enterprise and Datacenter editions of Windows Server 2003, this feature is now in-box for Standard and upwards SKUs of Windows Server 2008. As with other features, it is added through Server Manager / Features > Add Feature, and is cunningly named “Windows System Resource Manager” – note that it has a pre-requisite…

Hyper-V Virtual Networks

The most common questions that I get on Hyper-V setups relate to the networking configuration, and it seems to be a common thing to get wrong, so I’ll try to go through the 3 types of virtual network we have, and how they differ. A private network can only be used by the child partitions,…
