Book Review: Hacking the Code By: Mark Burnett
I can't say enough good things about Mark Burnett's book Hacking the Code. From beginning to end it is a great read and a great resource. What impressed me from the beginning is how he was able to take such a wide range of difficult topics and make them sound so down to earth. The writing style is so polished and friendly that you almost forget that you are reading about pretty intensive topics.
I was continually impressed at how well formatted the book was. Now, that almost seems unimportant to mention but it's not. Each section gives the goals of that section, the topic thoroughly covered, and then a summary, worth reading I must add, to close off the section. This impressed me because it is easy to read this from cover to cover and quickly grasp the subject matter. Or, if you are reviewing the section, you can use the summary to be reminded of the key points.
VB.Net and C# code examples are plentiful, completely usable and easy to understand.
This book is a must read. Even with the topics that I already had a good handle on, I felt that I was continually picking up new pieces of information and being challenged to review the security I already had in place.
Hacking the Code is an easy read covering difficult topics in a consistent, complete and concise manner. I highly recommend this book without reservation.
Along with Windows Server 2003 and Internet Information Services 6.0 came a large number of benefits. For us IIS admins, it was a great welcome set of changes. But, one apparent difficultly is matching up the w3wp.exe processes displayed in Task Manager to the Application Pools in IIS.
Review of IIS5
In IIS5.0 (Windows 2000 Server), each site that is set to Out Of Process will spin up a new instance of dllhost.exe. Windows Task Manager lists them. Now, the trick is to find out which dllhost.exe matches which site. My favorite way is to use Component Services. To do so, open Component Services from Administrative Tools, drill down to Computers -> My Computer and select COM+ Applications. Now select View from the top menu and select Status. Beside each site that currently has a dllhost.exe process spun up is the Process ID (PID). Using Task Manager, you can tell the memory and CPU.
Note: If the Process ID doesn't display for you in Task Manager, select View -> Select Columns and add it.
What about IIS6?
But, that doesn't work anymore with IIS6.0. Now each site in IIS6 is placed in an Application Pool. Each Application Pool is completely separated from other App Pools by running in its own process called w3wp.exe. This make life SO much easier. Now, the trick is to match up the process shown in Task Manager with the Application Pool set up in IIS.
If there is a different user for each application pool, Windows Task Manager is the easiest way to find out which application pool belongs to which site since Task Manager will display the user the process runs as.
But, what happens if you have multiple application pools running as the same user? For example, if you keep to the default NETWORK SERVICE user but create multiple Application Pools, you may want to know which process belongs to which App Pool. Component Services doesn't work for this anymore.
Enough already, tell me how to do it!
Have no worries, Microsoft has given us the exact tool for the situation. IISApp.vbs lists all the applications, their PID and their App Pool name.
The script is already placed in systemroot\system32 on Windows Server 2003 so simply go to your Command Prompt and type in iisapp.vbs (the .vbs is optional) and you'll have an instant list of all the App Pool information you've always wanted to know. You may need to type cscript iisapp.vbs instead if CScript isn't your default WSH script host.
Let's see an example of the output:
Here is an example of the output.
W3WP.exe PID: 1468 AppPoolId: AppPoolForSite1.com
W3WP.exe PID: 3056 AppPoolId: AppPooForSite2.com
W3WP.exe PID: 1316 AppPoolId: AppPooForSite3.com
Direct from the horse's mouth, Microsoft documents this:
http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/cl_as_viewapps.asp
Summary
We've seen here that using iisapp.vbs, you can painlessly match up the PID to the friendly name of the Application Pool.
Developing WMI Solutions By: Craig Tunstall, Gwyn Cole
Developing WMI Solutions is a must read for anyone interested in serious WMI development and WMI administration.
Both authors have an obvious depth and vast understanding of this exciting topic and give authoritative guidance in many aspects of WMI. The book starts off with an exhaustive background of WMI and the governing bodies of various technologies surrounding it.
After the background is established, the authors cover key topics like the Common Information Model (CIM), WQL, security, data providers and the Manage Object Format (MOF) to name a few. The reader is never left wanting as Tunstall and Cole make every word count and without leaving any fundamental topic untouched.
From then on the book jumps into the technologies with both feet and covers topics ranging from developing C# applications to powerful MMC Snap-ins to administrative scripts using VbScript.
They approach this topic from the perspective of a power developer that wants to know the specifics of developing WMI properly. They do this well.
That being said, I recommend Developing WMI Solutions with reservation to a beginner or casual WMI developer. Parts of the book assume a solid C++ background, other parts appeal to the C# developer using .NET. I didn't find that they attempted to simplify their examples or consider a broad audience. In those chapters, if you aren't a C++ developer, you'll have a hard time grasping the concepts covered.
There is a great chapter close to the end on Administration scripts using VbScript. This chapter, in contrast to others in the book, is written in a way that anyone can pick it up and start doing some WMI administration development immediately. The other chapters beneficial to any beginner or causal developer are the "WMI Studio" chapter and the few fundamental chapters at the beginning of the book. But unless you're a seasoned developer or a user planning to covered the advanced topics of WMI, expect to skim a number of chapters.
I can't forget the chapter on WMIC. Prior to reading this book I haven't used WMIC and I didn't have any intention to try it anytime soon. It looked like a vast world of difficult syntax. How wrong I was. After reading their chapter on WMI, I have becoming a regular WMIC fan.
For the power WMI developer or someone planning to become one, this book is for you. The authors dive in deep and cover the far corners of WMI with confidence and skill. Expect to have your difficult questions answered.
I walked away from reading this book with a solid understanding of not just WMIC but a number of other tools that I now feel confident using and appreciative of having learned.
Over all, I recommend Developing WMI Solutions by Tunstall and Cole to the serious developers. I keep it handy on my bookshelf and have used it as a reference a few times already and expect to dog ear the pages before too long. For those serious in developing WMI solutions, this book is a must-have.