Sysinternals is a developer of numerous tools for Microsoft Windows. It started as a portal known as NT Internals that published various free utilities for administering and monitoring computers running the MS operating system.
These programs complement and help at many points where we sometimes feel we are at a crossroads. Some of them, beyond being used to analyse scenarios, have already got me out of bigger trouble. Keep them at hand and learn more about their features; many of them are already in our application collection, so use our search area and get to know what they can do.
In 2006 the developer was acquired by Microsoft, and these tools can now be found on the site of Bill Gates's company.
Today dozens of these tools are available in this bundle of Windows utilities. Simple and direct, this package has no installer, just the executables and the help files of each application.
A hallmark of the Sysinternals tools is that they go straight to the point, with no installation required and with the option of using them from the command line. They are all extremely small and use almost no RAM.
There are dozens of tools for solving various kinds of problems on your system, ranging from hard disk, file, network and internet connection analysis to process monitors and many others.
They run on everything from Windows 98, NT, 2000, Millennium and XP to 2003 and Windows Vista.
Sysinternals Suite
The entire set of Sysinternals Utilities rolled up into a single download.
AccessChk v4.23 (December 19, 2008)
This update fixes a bug that sometimes caused AccessChk to not show the full list of rights and privileges assigned to a user account.
AccessEnum 1.32 (November 1, 2006)
This simple yet powerful security tool shows you who has what access to directories, files and Registry keys on your systems. Use it to find holes in your permissions.
AdExplorer v1.2 (April 22, 2009)
Active Directory Explorer is an advanced Active Directory (AD) viewer and editor.
AdInsight v1.01 (November 20, 2007)
An LDAP (Light-weight Directory Access Protocol) real-time monitoring tool aimed at troubleshooting Active Directory client applications.
AdRestore v1.1 (November 1, 2006)
Undelete Server 2003 Active Directory objects.
Autologon v2.10 (November 1, 2006)
Bypass password screen during logon.
Autoruns v9.53 (August 12, 2009)
See what programs are configured to startup automatically when your system boots and you login. Autoruns also shows you the full list of Registry and file locations where applications can configure auto-start settings.
BgInfo v4.15 (March 30, 2009)
This fully-configurable program automatically generates desktop backgrounds that include important information about the system including IP addresses, computer name, network adapters, and more.
BlueScreen v3.2 (November 1, 2006)
This screen saver not only accurately simulates Blue Screens, but simulated reboots as well (complete with CHKDSK), and works on Windows NT 4, Windows 2000, Windows XP, Server 2003 and Windows 9x.
CacheSet v1.0 (November 1, 2006)
CacheSet is a program that allows you to control the Cache Manager's working set size using functions provided by NT. It's compatible with all versions of NT.
ClockRes v2.0 (June 4, 2009)
View the resolution of the system clock, which is also the maximum timer resolution.
Contig v1.55 (September 30, 2008)
Wish you could quickly defragment your frequently used files? Use Contig to optimize individual files, or to create new files that are contiguous.
Coreinfo v1.0 (September 11, 2008)
Coreinfo is a new command-line utility that shows you the mapping between logical processors and the physical processor, NUMA node, and socket on which they reside, as well as the caches assigned to each logical processor.
Ctrl2cap v2.0 (November 1, 2006)
This is a kernel-mode driver that demonstrates keyboard input filtering just above the keyboard class driver in order to turn the caps-lock key into a control key. Filtering at this level allows conversion and hiding of keys before NT even "sees" them. Ctrl2cap also shows how to use NtDisplayString() to print messages to the initialization blue-screen.
DebugView v4.76 (October 16, 2008)
Another first from Sysinternals: This program intercepts calls made to DbgPrint by device drivers and OutputDebugString made by Win32 programs. It allows for viewing and recording of debug session output on your local machine or across the Internet without an active debugger.
Desktops v1.0 (August 21, 2008)
This new utility enables you to create up to four virtual desktops and to use a tray interface or hotkeys to preview what's on each desktop and easily switch between them.
LDMDump v1.02 (November 1, 2006)
Dump the contents of the Logical Disk Manager's on-disk database, which describes the partitioning of Windows 2000 Dynamic disks.
ListDLLs v2.25 (November 1, 2006)
List all the DLLs that are currently loaded, including where they are loaded and their version numbers. Version 2.0 prints the full path names of loaded modules.
LiveKd v3.0 (November 1, 2006)
Use Microsoft kernel debuggers to examine a live system.
LoadOrder v1.0 (November 1, 2006)
See the order in which devices are loaded on your WinNT/2K system.
LogonSessions v1.0 (November 1, 2006)
List the active logon sessions on a system.
MoveFile v1.0 (November 1, 2006)
Allows you to schedule move and delete commands for the next reboot.
NewSID v4.10 (November 1, 2006)
Learn about the computer SID problem everybody has been talking about and get a free computer SID changer, NewSID.
NTFSInfo v1.0 (November 1, 2006)
Use NTFSInfo to see detailed information about NTFS volumes, including the size and location of the Master File Table (MFT) and MFT-zone, as well as the sizes of the NTFS meta-data files.
PageDefrag v2.32 (November 1, 2006)
Defragment your paging files and Registry hives.
PendMoves v1.1 (November 1, 2006)
Enumerate the list of file rename and delete commands that will be executed the next boot.
PipeList (November 1, 2006)
Displays the named pipes on your system, including the number of maximum instances and active instances for each pipe.
PortMon v3.02 (November 1, 2006)
Monitor serial and parallel port activity with this advanced monitoring tool. It knows about all standard serial and parallel IOCTLs and even shows you a portion of the data being sent and received. Version 3.x has powerful new UI enhancements and advanced filtering capabilities.
ProcDump v1.4 (August 17, 2009)
This new command-line utility is aimed at capturing process dumps of otherwise difficult to isolate and reproduce CPU spikes. It also serves as a general process dump creation utility and can also monitor and generate process dumps when a process has a hung window or unhandled exception.
Process Explorer v11.33 (February 4, 2009)
Find out what files, registry keys and other objects processes have open, which DLLs they have loaded, and more. This uniquely powerful utility will even show you who owns each process.
Process Monitor v2.6 (August 12, 2009)
Monitor file system, Registry, process, thread and DLL activity in real-time.
ProcFeatures v1.10 (November 1, 2006)
This applet reports processor and Windows support for Physical Address Extensions and No Execute buffer overflow protection.
PsExec v1.96 (July 1, 2009)
Execute processes with limited-user rights.
PsFile v1.02 (December 4, 2006)
See what files are opened remotely.
PsGetSid v1.43 (December 4, 2006)
Displays the SID of a computer or a user.
PsInfo v1.75 (July 9, 2007)
Obtain information about a system.
PsKill v1.12 (December 4, 2006)
Terminate local or remote processes.
PsList v1.28 (December 4, 2006)
Show information about processes and threads.
PsLoggedOn v1.33 (December 4, 2006)
Show users logged on to a system.
PsLogList v2.7 (May 7, 2009)
Dump event log records.
PsService v2.22 (January 11, 2008)
View and control services.
PsShutdown v2.52 (December 4, 2006)
Shuts down and optionally reboots a computer.
PsSuspend v1.06 (December 4, 2006)
Suspend and resume processes.
PsTools (July 1, 2009)
The PsTools suite includes command-line utilities for listing the processes running on local or remote computers, running processes remotely, rebooting computers, dumping event logs, and more.
RegDelNull v1.10 (November 1, 2006)
Scan for and delete Registry keys that contain embedded null-characters that are otherwise undeleteable by standard Registry-editing tools.
RegJump v1.01 (November 1, 2006)
Jump to the registry path you specify in Regedit.
RegMon v7.04 (November 1, 2006)
This monitoring tool lets you see all Registry activity in real-time.
RootkitRevealer v1.71 (November 1, 2006)
Scan your system for rootkit-based malware.
SDelete v1.51 (November 1, 2006)
Securely overwrite your sensitive files and cleanse your free space of previously deleted files using this DoD-compliant secure delete program.
ShareEnum v1.6 (November 1, 2006)
Scan file shares on your network and view their security settings to close security holes.
ShellRunas v1.01 (February 28, 2008)
Launch programs as a different user via a convenient shell context-menu entry.
Sigcheck v1.6 (March 2, 2009)
Dump file version information and verify that images on your system are digitally signed.
Strings v2.41 (March 2, 2009)
Search for ANSI and UNICODE strings in binary images.
Sync v2.0 (November 1, 2006)
Flush cached data to disk.
TCPView v2.54 (March 17, 2009)
Active socket command-line viewer.
VMMap v2.2 (July 23, 2009)
VMMap is a process virtual and physical memory analysis utility.
VolumeId v2.0 (November 1, 2006)
Set Volume ID of FAT or NTFS drives.
Whois v1.01 (November 1, 2006)
See who owns an Internet address.
WinObj v2.15 (November 1, 2006)
The ultimate Object Manager namespace viewer is here.
ZoomIt v4.0 (August 5, 2009)
Presentation utility for zooming and drawing on the screen.
The Sysinternals suite is a package of small applications for MS Windows, developed by Sysinternals and later bought by Microsoft. They are very light and useful, which is why many users take advantage of the suite's features, especially network administrators and other technology professionals.
Basics
ls [-al]: list the directory.
cp [-ir]: copy files.
mv [-i]: move or rename files.
rm [--]: remove files.
mkdir/rmdir: create/remove directories.
ln -s path link: creates symbolic links (symlinks) to files or directories.
Other commands
file: determines the file type (/etc/magic).
cat: shows the file's contents on screen.
head / tail: show lines at the start / end of the file.
less / more: page through the file's contents.
man filename: online manual for the program.
ctrl+alt+del/reboot: restarts the system.
shutdown -h now/halt: shuts down the computer.
Key combinations
CTRL+C: quits (kills) the program.
CTRL+ALT+BackSpace: quits (kills) the X server.
CTRL+L: clears the screen.
CTRL+A / E: moves the cursor to the start / end of the line.
CTRL+U / K: deletes from the cursor to the start / end of the line.
CTRL+H: deletes the word before the cursor.
CTRL+R: searches the bash history for a previously typed command.
CTRL+D: logout (to change this, set or unset the $IGNOREEOF variable).
Processes
CTRL+Z: suspends the process temporarily.
top: the processes consuming the most system resources.
jobs: lists the tasks running in the fore/background.
bg/fg: sends a process to the back/foreground.
nice/renice: change priorities.
ps -auxw: lists all processes on the system:
PID (process id), TTY (terminal, or ? for a daemon), STAT (process state), TIME (CPU time consumed), COMMAND (the command executed).
pstree -p: likewise, as a tree.
time: measures the elapsed time from the start to the end of a process:
# time updatedb
real 1m42.233s
user 0m0.490s
sys 0m10.290s
Killing processes
kill: the most common options are (where id is the same as the PID):
kill -HUP process-id: restarts the process.
kill -9 process-id: kills the process.
killall process: kills a process by name.
killall -HUP process: restarts a process by name.
Permissions
File permissions are set with the chmod, chown and chgrp commands.
Command structure:
chmod
When listing the details of a file or directory, the format is as follows: drwxrwxrwx.
Respectively: directory (d), owner permissions (read/write/execute), group permissions (read/write/execute) and others (read/write/execute).
For example, to make a file executable:
• chmod +x file_name (executable for everyone)
• chmod g+x file_name (executable for the group)
To change the user and group of a file or directory:
• chown root.root /sbin/firewall.sh (-R: recursively)
Other examples:
• chmod 755 (executable): -rwxr-xr-x
• chmod 4700 (suid) sets the set-user-id bit for programs that need to run with root permissions: -rws------
To calculate the numeric value of the permissions, just treat execute as 1, write as 2 and read as 4, which is the decimal equivalent of the bits:
rwx = 111 (all bits set) = 2**2 + 2**1 + 2**0 = 7
So read and write (4+2) for the owner, and read only for the others, gives the value 644. To calculate the umask, the permission mask applied when a new file is created, just subtract from 666 (or 777 for directories), which gives umask 022.
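The conversion described above, as an added POSIX sh example that is not part of the original cheat sheet: sym_to_octal turns a symbolic mode such as rw-r--r-- into the octal value chmod expects, and apply_umask applies a umask the way the kernel does (clearing bits), so the "subtract from 666" shortcut can be checked against cases where it does not hold.

```shell
# Added example, not from the original page. Assumes a POSIX sh with
# printf and cut available; function names are this example's own.

# sym_to_octal MODE -> prints the 3-digit octal value (rwxr-xr-x -> 755).
# A 10-character ls-style string (-rwxr-xr-x, drwxr-xr-x) is accepted too.
sym_to_octal() {
    case $1 in
        ??????????) mode=${1#?} ;;   # drop the leading file-type character
        *)          mode=$1 ;;
    esac
    result=""
    for start in 1 4 7; do           # owner, group, others triplets
        triplet=$(printf '%s' "$mode" | cut -c"$start"-$((start + 2)))
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac    # read    = 4
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac    # write   = 2
        case $triplet in ??[xs]) digit=$((digit + 1)) ;; esac # execute = 1
        # 's' counts as execute here; the setuid bit itself is the extra
        # leading digit (4700) shown in the text, not part of these three.
        result="$result$digit"
    done
    printf '%s\n' "$result"
}

# apply_umask BASE UMASK -> mode a new file gets, computed as BASE & ~UMASK.
# This equals BASE - UMASK only when every umask bit is also set in BASE
# (true for 666/022 and 777/022, not for e.g. 644 with umask 077).
apply_umask() {
    base=$((0$1))    # leading 0 makes the shell read the value as octal
    mask=$((0$2))
    printf '%03o\n' $((base & ~mask))
}

sym_to_octal rw-r--r--     # 644
apply_umask 666 022        # 644, the case the text describes
apply_umask 644 077        # 600: bits are cleared, nothing is "subtracted"
```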
Finding your way around the system
Find a file by name:
find [path...] -name [file_name]
find . -name slackware.png
find / -name "*.png" -print (png files, searching from / downward)
find /home -size +5000k -print (files larger than 5 MB)
Location of a binary:
whereis (or which) [file_name]
which gcc
gcc: /usr/bin/gcc
Others:
cd - : switch back to the previous directory
pwd: print the current path
Creating compressed archives
>> tar.gz
A tar file (tarball) can be created as follows:
tar -c file1 file2 > foo.tar
To 'zip' the tar, the same idea applies (gzip compresses the tarball itself, not the original files):
gzip -c foo.tar > foo.tar.gz
Or alternatively, in one step:
tar -cvzf directory.tar.gz directory/
>> tar.bz2
Swap the 'z' for 'j' to create bzip2 archives.
tar -jxvf file.tar.bz2 (extracting a bz2 archive)
>> zip
zip -r filename.zip files
The vi(m) editor
a / i: add text (append/insert).
y / p: copy and paste (copy/paste).
x: delete a character.
/: search for a word (n: next, N: previous).
u: undo.
v: select text (visual mode).
:edit file: creates a new buffer.
:ls: lists buffers.
:buffer N: edits buffer N.
:bdelete: removes a buffer.
:so $VIMRUNTIME/syntax/2html.vim: converts the source to HTML.
:ab SW slackware: creates an abbreviation (abclear: removes abbreviations).
map :qa! : maps a key (add it to .vimrc)
To save, press ESC followed by :wq (write and quit), :q! (quit without saving) or :qa! (close all).