Posts
  • LeoPonti Blog

    The Case of the Unexplained FTP Connections

    A key part of any cybersecurity plan is “continuous monitoring”, or enabling auditing and monitoring throughout a network environment and configuring automated analysis of the resulting logs to identify anomalous behaviors that merit investigation. This...( read more )
  • LeoPonti Blog

    Updates: Coreinfo v3.1, Desktops v2.0, Livekd v5.3, PsPasswd v1.23, Testlimit v5.22, Whois v1.11

    Coreinfo v3.1 : This update to Coreinfo, a command line utility that reports detailed information about a system’s processor topology, CPU features, and cache topology, fixes a bug affecting the calculation of NUMA node costs and adds support for several more processor features, including RDRAND, LAHF/SAHF, Prefetchw and Intel Speedstep. Desktops v2.0 : Desktops, a virtual desktop utility for Windows that lets you create up to three additional workspaces, is now compatible with Windows 8, properly supporting Winkey hotkey sequences (like Winkey+R to bring up the Run dialog) on alternate desktops and switching back to the primary desktop’s start screen when you hit Winkey. Livekd v5.3 : LiveKd, a command-line utility that enables you to use the Windows kernel debuggers to examine live systems as well as virtual machines, now support Windows 8. PsPasswd v1.23 : PsPasswd, a Pstools utility for remoting changing local machine passwords, now includes support for changing domain account passwords. Testlimit v5.22 : This release of TestLimit, an educational tool for testing the way Windows handles exhaustion of various resource types such as system commit, fixes an output formatting bug that could have it report KB instead of MB. Whois v1.11 : Whois v1.11, a tool for looking up domain name registration information, includes bug fixes that could cause it to crash if provided with malformed domain name input strings.
  • LeoPonti Blog

    Windows Internals 6th Edition Part 2 Published, and Mark Talks Sysinternals History on Defrag Tools

    Windows Internals 6th Edition, Part 2 Published : Part 2 of Windows Internals 6th Edition, is now available. The 6th edition covers kernel and system changes in Windows 7 and Windows Server 2008 R2 and adds 250 pages of expanded feature coverage and hand-on experiments. Mark Talks Sysinternals History on Defrag Tools : Defrag Tools, a Channel 9 series that features diagnostic and troubleshooting utilities including Sysinternals tools, invited Mark on to talk about how Sysinternals started, the evolution of the tools and how Mark decides when to add features and write new tools.
  • LeoPonti Blog

    New: PsPing v1.0; Updates: DebugView v4.8, Process Explorer v15.23, Sigcheck v1.81

    PsPing v1.0 : PsPing is a new Sysinternals PsTools command-line utility for measuring network performance. In addition to standard ICMP ping functionality, it can report the latency of connecting to TCP ports, the latency of TCP round-trip communication between systems, and the TCP bandwidth available to a connection between systems. Besides obtaining min, max, and average values in 0.01ms resolution, you can also use PsPing to generate histograms of the results that are easy to import into spreadsheets. DebugView v4.8 : This release of DebugView, a debug output monitoring utility, addresses a bug that could cause DebugView to blue screen on “checked build” (debug) versions of Windows. Process Explorer v15.23 : This update to Process Explorer adds the ability to view the process token of protected processes, fixes a bug that causes a crash when viewing thread stacks on Windows XP, and fixes a bug that causes a crash when running on Windows PE. Sigcheck v1.81 : This update to Sigcheck, a command-line utility for analyzing the digital signatures of executable images, fixes a bug that could cause it to crash when reporting the signing status of images that have invalid signatures.
Page 1 of 1 (4 items)