Mark,是Windows Internals一书的作者、微软院士、Windows领域顶尖大拿、一表人才的帅哥:Mark Russinovich。Mark在Technet也开有一个博客,虽然不是像我这让频繁的发“水贴”,但是只要Mark发帖,基本上都是属于经典级别的好贴。
因为Mark的网站是英文网站,可能大家可能平时没有特别的注意到。我这里整理了几篇大牛最近发表的一些Windows内核和排错方面的文章,建议对Windows内核感兴趣并且喜欢做debug的朋友,仔细地读一读,一定是会有很大的收获。
简介编辑本段回目录
Mark E. Russinovich (1966) is a software engineer and software architect.
He earned his Ph.D. in computer engineering in 1994 from Carnegie Mellon University.
He joined Microsoft in 2006 when it acquired Winternals Software, the company he cofounded in 1996 and where he worked as Chief Software Architect. He is also cofounder of Sysinternals.com, where he wrote and published dozens of popular Windows administration and diagnostic utilities including Filemon, Regmon, Process Explorer and RootkitRevealer. He previously worked at IBM's Thomas J. Watson Research Center, researching operating system support for Web server acceleration and serving as an operating systems expert.
In his role as an author, he is a regular contributor to TechNet Magazine and Windows IT Pro magazine (previously called Windows NT Magazine) on the subject of the Architecture of Windows 2000 and was co-author of Inside Windows 2000 (3rd edition). Russinovich is the author of many tools used by Windows NT and Windows 2000 kernel-mode programmers, and of the NTFS file system driver for DOS. He is widely regarded as a Windows expert.
Some of his work was done in collaboration with David A. Solomon and under the banner of Sysinternals which is also used by Bryce Cogswell. The commercial part of his work partly spun off to the company Winternals Software.
黑客Mark Russinovich编辑本段回目录
在Mark Russinovich关于索尼(Sony BMG)公司利用鬼鬼祟祟的技术在用户电脑当中执行“DRM(digital rights management,数字版权管理)阴谋”的震撼世界的发现之前,“rootkit”是一个偏颇的专业技术名词。但是现在,这个词语已经出现在了每一家反病毒软件公司的销售宣传材料当中。它们反复地引用Mark Russinovich的相关言论,就好像他真的是一位Windows系统世界的教父级人物一样。
Mark Russinovich |
这项关于“索尼rootkit”的发现,向世界揭示了一个真相,那就是反病毒软件生产厂商在秘密恶意软件面前显得是多么的无能为力。这一真相迫使了全世界的安全生产厂商们将反rootkit的检测扫描技术,添加进了现有的产品当中。
Russinovich,在微软公司收购了Sysinternals就一直供职于微软,花费了自己2006年的绝大部分时间来传播自己早期的关于rootkit的警告,并致力于建立新型的恶意软件猎杀工具和措施。
相关著作编辑本段回目录
Books
- Solomon, David; Mark Russinovich (September 16, 2000). Inside Microsoft Windows 2000 ((Third Edition) ed.). Microsoft Press. ISBN 0-7356-1021-5.
- Russinovich, Mark; David Solomon (December 8, 2004). Microsoft Windows Internals ((Fourth Edition) ed.). Microsoft Press. ISBN 0-7356-1917-4.
- Russinovich, Mark; David Solomon, Alex Ionescu (June 17, 2009). Microsoft Windows Internals ((Fifth Edition) ed.). Microsoft Press. ISBN 0-7356-2530-1.
Articles
- Russinovich, Mark (October 1997). "Inside NT's Object Manager". Windows IT Pro. http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=299.
- Russinovich, Mark (December 1998). "NT vs.UNIX: Is One Substantially Better". Windows IT Pro. http://www.windowsitpro.com/Articles/Index.cfm?IssueID=97&ArticleID=4500.
- Russinovich, Mark (June 1999). "Inside Encrypting File System, Part 1". Windows IT Pro. http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=5387&Key=Internals.
- Russinovich, Mark (February 2007). "Inside the Windows Vista Kernel: Part 1". TechNet Magazine. http://www.microsoft.com/technet/technetmag/issues/2007/02/VistaKernel/.
- Russinovich, Mark (March 2007). "Inside the Windows Vista Kernel: Part 2". TechNet Magazine. http://www.microsoft.com/technet/technetmag/issues/2007/03/VistaKernel/.
- Russinovich, Mark (April 2007). "Inside the Windows Vista Kernel: Part 3". TechNet Magazine. http://www.microsoft.com/technet/technetmag/issues/2007/04/VistaKernel/.
- Russinovich, Mark (June 2007). "Inside Windows Vista User Account Control". TechNet Magazine. http://www.microsoft.com/technet/technetmag/issues/2007/06/UAC/.
- Russinovich, Mark (July 2009). "Inside Windows 7 User Account Control". TechNet Magazine. http://technet.microsoft.com/en-us/magazine/2009.07.uac.aspx.
Videos
- Russinovich, Mark (November 2006). "Windows Vista Kernel Changes". Microsoft TechEd IT Forum 2006. http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=340.
- Russinovich, Mark (November 2006). "Advanced Malware Cleaning". Microsoft TechEd IT Forum 2006. http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=359.
- Russinovich, Mark (November 2006). "Advanced Windows Troubleshooting with Sysinternals Process Monitor". Microsoft TechEd IT Forum 2006. http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=346.
- Russinovich, Mark (November 2006). "Windows Vista User Account Control Internals". Microsoft TechEd IT Forum 2006. http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=360.