Browsing Posts published in July, 2006

As you can probably tell from previous blog entries and presentations, I’ve been a big fan of Sysinternals tools for a long time. Mark Russinovich and Bryce Cogswell wrote some of the best Windows tools in existence, free or otherwise. Process Explorer kicks Task Manager’s proverbial butt. Regmon and Filemon are invaluable debugging aids (and cited in many a Microsoft KB article explaining how to debug certain problems). Autoruns combs your system to identify what launches automatically when your machine starts. (Great for ferretting out malware or just getting rid of annoying auto-update software.) Junction, MoveFiles, the BSOD* Screensaver, Strings, PendMoves, PageDefrag, … The list goes on and on. Mark and Bryce also founded a commercial company, Winternals, which develops some topnotch system recovery software.

Microsoft has acquired both Sysinternals and Winternals. Mark and Bryce are now both Microsoft employees. So many of the tools I’ve grown to love will likely become core parts of the operating system. Congrats to both Mark and Bryce. This is a huge win for Microsoft, both from the technology they’ve acquired and the two gurus wearing freshly-pressed blue shirts. You can find the press release on the Winternals site, another on the Microsoft site, and a post from Mark on his blog.

* BSOD – Blue Screen of Death. The BSOD Screensaver, aka BlueScreen, accurately emulates a kernel crashdump and reboot based on the system its running on. Fun stuff to install on a cubicle mate’s unlocked computer while he/she’s off getting a coffee.

Presenting at EDMUG last week was a blast. The audience was great and people asked some fantastic questions. I presented Enterprise Architecture for Mere Mortals: Authentication where I discussed the major authentication mechanisms for enterprise applications – basic, NTLM, and Kerberos – and authentication topologies – trusted subsystem, delegation, constrained delegation, and protocol transition. It felt very strange doing a development presentation and never launching Visual Studio. I believe the audience got the point that, although not straightforward, constrained delegation isn’t that hard to configure and you don’t have to resort to basic authentication when you need to do a multi-server hop. (e.g. Sending credentials from the client to IIS to SQL Server.) Here is the slidedeck. (N.B. You’ll need PowerPoint 2007 to open it. Email me if you would like a version for 2003.)

I had Tools of the Trade: Must-Have .NET Utilities in my back pocket in case I ran out of things to talk about regarding security. As it turns out, lack of material wasn’t a problem. I always seem to arrive over-prepared. :^) If EDMUG wants to invite me back, I’ve got a presentation waiting. Or maybe I’ll present it at the Edmonton Code Camp

Thanks again to EDMUG for inviting me to speak!