Microsoft Windows Internals Review
I’ve always been a bit twiddler – whether it’s doing machine code on an 8-bit RCA COSMAC microprocessor or writing 16-bit drivers for Windows 3.1 or doing Windows Server 2003 storage related development, I’ve never shied away from getting into the meat of the system.
In 1992, I got “Inside Windows NT” by Helen Custer to discover how Windows NT was structured. I purchased at least one of the other editions as well, authored by David Solomon and Mark Russinovich. The fourth edition has a new name, “Windows Internals, fourth edition”
Solomon and Russinovich are well known for their knowledge of how Windows works deep under the covers. Russinovich produces a number of very cool tools, many of them free at his Sysinternals web site.
This book does not cover the Win32 API or the .NET Framework. It does cover the kernel, memory management, I/O sub-system including ACPI and Plug and Play, and storage. The fourth edition covers low-level changes in Windows XP and Windows Server 2003.
This is not a book with coding examples. However, its best feature is the great number of sidebars with various “experiments” you can do, often featuring unique ways of using the Sysinternals tools. While I normally I do not care about memory management, it was fascinating to read how sophisticated the Windows kernel is.
While obviously system level developers will gain the most benefit from this book, there is a ton of information for IT professionals as well – particularly for system performance tuning. I was able to use the information regarding Event Tracing for Windows (ETW) in my current project. Sadly, the final chapter, on Crash Dump analysis, seems incomplete and ends rather abruptly. Being a Microsoft Press author myself, I wonder if schedule pressures were involved.
The book published by Microsoft Press (ISBN 0735619174) and is available from Amazon.com at:
http://www.amazon.com/exec/obidos/tg/detail/-/0735619174/