My Review of Windows® Internals, Part 1, Sixth Edition

Excellent technical reference

By Jim Schubert from Richmond, VA on 6/11/2012


4 out of 5

Pros: Concise, Accurate, Helpful examples

Best Uses: Expert

Describe Yourself: Developer

I reviewed Windows Internals, Part 1, Sixth Edition as part of the O’Reilly Bloggers program. I was mainly interested in the ‘System Architecture’ chapter and the chapter called ‘Process, Threads, and Jobs’.

The content in this book is immense. Don’t expect to retain 100% of what you’ve read because I don’t think it’s humanly possible.

The content is extremely technical and very low-level. My background is mostly in web development and I realized after reading Chapter 1 that I would need to familiarize myself with WinDbg before continuing on. If you’re not familiar with WinDbg, I recommend reading some tutorials. Although some of the experiments in this book will guide you through the WinDbg usage for the experiments themselves, they won’t do any good unless you understand what the output really means. Other experiments will use SysInternals tools or others such as utilities from the WDK.

By the end of Chapter 2 and a number of experiments using WinDbg and SysInternals tools, I felt that I was better equipped to debug native applications. In fact, I referred to this book to debug a third-party native library and found that it had not properly released a resource, which helped the developers resolve the issue more quickly.

As an example of the depth of content in this book, there are roughly 20 pages dedicated to the creation of a process.

For System Administrators, I’d highly recommend Chapter 4 which covers the Registry and very valuable experiments related to services (such as viewing which services respond to which triggers).

I’d recommend this book for any engineers who plan to improve their native debugging skills, to develop Windows drivers, or to deepen their knowledge of the Windows operating system. This is not a book for a novice.

I’ve given this book 4/5 stars. It is a stellar book and it has improved my ability to troubleshoot, while helping me to better familiarize myself with the SysInternals toolset (which I had already used regularly). I would have given 5/5 stars, but the content mostly reads like informal knowledge transfer rather than the average book from Microsoft Press. If it weren’t for the language of the experiments, it would read as dryly as (or more dryly than) a textbook. It is one of very few books I would recommend not reading cover-to-cover and instead using as a reference for very specific inquiries.