![]() SysInternals provides free security utilities for managing Microsoft Windows networks and systems. ![]() This post is part of the series: Use SysInternals security utilities to manage network and system security Tables and Figures (Hover for caption, click to enlarge) I don’t use all the Sysinternals utilities, but this one I’ll keep. There is also a toolbar function which allows you to replace Task Manager with Process Explorer. This is a great utility for analyzing processes running on a Windows platform. Apple iTunes is running in the window without focus, but is visible through the Process Explorer window I’m actively using to monitor system and process activity. You can configure Process Explorer for various levels of transparency, providing a view of the running program. There is another feature that might be useful when performing real-time analysis with a single display–the opaqueness setting. Figures 4 through 6 are examples of information available unique to the target process, including security attributes. While a single click on a process refreshes the lower pane, double clicking brings up a more organized, tabbed window. If you need overall system information, as shown in the Performance tab of Task Manager, Process Manager provides that too–with a little more information. ![]() As you can see in Figure 2, the lower pane provides detailed information about system use of the iTunes process, including: Choosing to display a bottom pane provides additional information on a process when you click in the main display. Double-clicking on the executable brings up the windows shown in Figure 1. Process Explorer has the same functionality as Task Manager and a lot more. Microsoft’s Sysinternals Process Explorer is a great way to achieve process visibility–and it’s free. However, you don’t have to spend your entire security budget for the right tool. It can get you started, but dependencies and other critical information are not available. Task Manager, a free utility provided with Windows, is not intended for serious process analysis. Without the right tools, this is a daunting task. In some circumstances, we might have to work backward, from registry keys or DLLs to processes that created or use them. However, when a security issue arises, which requires knowledge beyond which wizard to bring up, we often have to resort to process analysis. Today’s Microsoft Windows-based systems are relatively easy to monitor using tools provided out-of-the box with Windows.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |