Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Updates Multiple Sysinternals Tools

Posted by timothy on from the might-as-well-make-the-best-of-it dept.

wiedzmin writes "A couple of very useful updates have just been released by Microsoft for the ever so popular Sysinternals tool set. The most notable one is ProcessMonitor v2.0 which will now include 'real-time TCP and UDP monitoring.' Another one, released earlier this year — Desktops 1.0, provides a very unique multi-thread way to get multiple desktops running on your Windows box."

2 of 179 comments (clear)

  1. Re:How about . . . by Anonymous Coward · · Score: 5, Informative

    Process Monitor loads a kernel driver in order to hook in and read everything the system is doing. Making a kernel driver unload while the system is running is hard, and in some cases, impossible to do without risking the stability of the kernel.

    If I ever come across software that treats the best damn troubleshooting toolset available for Windows as as being unfit to run alongside, then that software will come across an express ride to the Recycle Bin.

  2. Great, but what about Protection Manager? by myxiplx · · Score: 5, Informative

    They may be updating the Sysinternals tools (after changing the EULA's on them all), but what about Protection Manager? That looked like a great product (and one we were planning to buy), but was conveniently buried the second Microsoft acquired Winternals & Sysinternals.

    Protection Manager was launched in March 2006, and removed from the market by Microsoft in November that same year. It was the first thing I looked for when Microsoft acquired Winternals and while I wasn't surprised to see it removed, I've been waiting ever since in the hope that it would be re-launched. That has never happened, and my belief now is that Microsoft deliberately buried it, thinking it would hurt Vista sales.

    Protection Manager was a program that gave system administrators a simple and effective way to whitelist the applications that could be run on their network. The idea was that you ran it for a few weeks to generate a baseline list of allowed applications, then turned on protection, after which non authorised programs would be stopped until approved by an administrator. It also allowed you to run individual applications with admin rights, making the management of legacy software far simpler.

    Most of the literature regarding the program has gone now, but this is a handy guide:
    http://www.inuit.se/?page=130

    A few choice quotes from MS:
    "the decision was made to withdrawal Winternals Recovery Manager, Defrag Manager and Protection Manager in their current form from the market effective November 17th 2006"

    Q. What is the future of Protection Manager?
    A. Winternals Protection Manager has been withdrawn from the product line. Many Protection Manager usage scenarios are addressed by the new User Account Control feature of Windows Vista."
    source: http://www.microsoft.com/systemcenter/wifaq.mspx

    Personally, I don't see that UAC offerse half the features Protection Manager did, and we have no desire to move over to Vista anyway. To me, it looks like Microsoft removed from the market a program that would have been genuinely useful to many of their customers, once again putting sales & marketing ahead of security and their customers.