if (ms) blog++;

Random bits of (hopefully) useful technical information on Windows, with a focus on understanding and troubleshooting.

December, 2009

  • Hyper-V Virtual Networks

    The most common questions that I get on Hyper-V setups relate to the networking configuration, and it seems to be a common thing to get wrong, so I’ll try to go through the 3 types of virtual network we have, and how they differ. A private network...
  • Windows System Resource Manager (WSRM) – does exactly what it says on the tin

    Originally introduced in Enterprise and Datacenter editions of Windows Server 2003, this feature is now in-box for Standard and upwards SKUs of Windows Server 2008. As with other features, it is added through Server Manager / Features > Add Feature...
  • Goodness gracious, great walls of fire

    Ask most people what the default rules should look like for a network firewall and they will likely say “drop” or “stealth” – i.e. if the source address:port & destination address:port combination is not matched then the traffic is silently ignored...
  • User-mode dump creation (pre-Vista)

    For applications that are crashing or hanging, you will need to have the Debugging Tools for Windows present on the machine, and use the script ADPlus.vbs to attach the command line debugger (cdb.exe) to create dump files. To keep the examples simple...
  • User-mode dump creation (Vista onwards)

    The ADPlus method of creating dumps is still valid after Windows Server 2003, however there is an easier way to have the OS create the same data which was introduced in Windows Vista… Hung Jury: For processes that are hung or consuming lots of CPU...
  • Analyzing User Mode Dumps

    So you’ve managed to get a dump from a process… now what? Dump analysis is a skill that requires a bit of knowledge of how processors work, how to read assembly language, how functions are called, what stacks and heaps are, and so on – it’s way beyond...
  • Kernel-mode dump analysis

    I’ve already covered the different types of memory dump in a previous blog entry, so this is a quick dip into how we manually trigger a bugcheck to create a memory dump on demand, and also how we can take a look inside the kernel of a running OS without...