Troubleshooting windows problems
Download
1 / 22

Troubleshooting Windows Problems - PowerPoint PPT Presentation


  • 111 Views
  • Uploaded on

Troubleshooting Windows Problems. Presented by: David F. Soll Vice President, Omicron Consulting [email protected] Trenton Computer Festival April 16 & 17, 2005. Agenda. Windows versions File systems Hardware Registry Programs that start automatically Task Manager Restore Points

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Troubleshooting Windows Problems' - kasimir-wyatt


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Troubleshooting windows problems

Troubleshooting Windows Problems

Presented by: David F. Soll

Vice President, Omicron Consulting

[email protected]

Trenton Computer Festival

April 16 & 17, 2005


Agenda
Agenda

  • Windows versions

  • File systems

  • Hardware

  • Registry

  • Programs that start automatically

  • Task Manager

  • Restore Points

  • Software updates

  • DLL Hell

  • Windows XP SP2

  • What is a TCP Port

  • Windows Firewall

  • TweakUI


What s not in this talk
What’s NOT in this talk

  • Virus Scanners and Cleaners

  • Spyware Scanners and Cleaners

  • This talk is designed to provide a broader view of Windows issues


Windows versions
Windows Versions

Windows 2000, XP and Server 2003

Windows 95, 98, and ME

Full Operating System

Sits on top of MS-DOS

Protected O/S

Not protected O/S

Full Security Model

No Security Model

Supports NTFS, FAT, and FAT32

Supports FAT and FAT32

If you are still running on Windows 9x or ME, upgrade to XP!


Upgrading windows
Upgrading Windows

  • Experience shows that when upgrading it is better to wipe the hard disk clean and start over – do not perform an in-place upgrade

  • Save all of your personal files before upgrading

  • Reinstall all applications after upgrading


File systems
File Systems

NTFS

FAT32

Secure file system

No security

Max size > 2 TB

32 GB (4 GB for FAT)

File size limited by volume size

Max file size is 4 GB (2 GB for FAT)

Can convert from FAT or FAT32 to NTFS

Can not convert from NTFS to FAT or FAT32

Cluster size of 4K

Cluster size of 16K

Can not be used for floppy disks

FAT32 can not be used for floppy disks (only FAT can)


Hardware
Hardware

  • The key to hardware is the driver

    • A driver is software that know how to talk to a specific piece of hardware

    • Microsoft has a certification program for drivers, but not all vendors go through the certification process

    • When you install a non-certified driver you are notified and given the opportunity to abort

  • Plug and Play

    • Stay away from non-Plug and Play devices


Registry
Registry

  • Configuration Database

    • Windows configuration

    • User configuration

    • Application configuration

  • Be careful!!!

    • Errors in the registry can cause major problems

  • Divided into 2 key branches:

    • Machine

      • Configuration parameters common to all users of the computer

    • User

      • Specific to the user

      • Different for each user


Automatic startup
Automatic Startup

  • 3 Basic Types:

    • Services

    • Applications

    • DLL’s

  • Services run in the background

    • Controlled by Service control manager

    • Can be set to Manual, Automatic, or Disabled

    • Use the “net start” command to view all running services

      • Use this to record what services are running before problems occur

      • Use the recorded list to check for any new, unexpected services are running when problems arise


Automatic startup cont d
Automatic Startup (cont’d.)

  • Application started from:

    • Startup group

    • Registry

      • HKey_Local_Machine\Software\Microsoft\Windows\CurrentVersion\Run

      • HKey_Current_User\Software\Microsoft\Windows\CurrentVersion\Run

  • DLL’s typicall run from “RUNDLL32.EXE”

    • Often DLL’s are hidden from you since they don’t run on their own


Task manager
Task Manager

  • Lists all running programs (applications and services)

  • Look for unfamiliar applications

  • Use Windows Explorer to identify where the program came from

  • Use Ctrl-Shift-Esc as a shortcut

    • Can also use Ctrl-Alt-Delete then “Task Manager”

    • Also right click on task bar and select “Task Manager”


Restore points
Restore Points

  • Provides a “snapshot” of the system configuration

  • Allows reverting back to a previous snapshot

  • Typically does not effect user data

    • Specifically targets configuration/registry

  • Not a good method for removing software

    • Use the Add or Remove Programs for this


Software updates
Software Updates

  • Keep the Windows updates up to date

    • Automatic Update

      • Right click on “My Computer” then select “Properties”

      • Select the “Automatic Update” tab

    • Manual Update

      • Select “Start” then “Windows Update”

  • Keep the virus definitions for you virus scanner up to date


Dll hell
DLL Hell

  • A Dynamic Link Library (DLL) is a subroutine library that can be shared by multiple applications

  • Includes: DLL, VBX, OCX, DRV, FON, FOT, CPL, TLB

  • Different versions of DLL’s typically have different functionality

  • DLL’s are installed with program installations

  • The DLLCache directory supersedes anything replaced in the System32 directory


Dll hell scenario 1
DLL Hell – Scenario 1

Applications 1 and 2 both use XYZ.DLL

Install

Application 1

Install

Application 2

Application 1

Installs Ver. 1 of

XYZ.DLL

Application 2

Installs Ver. 2 of

XYZ.DLL

Hard Disk

XYZ.DLL does not exist on the hard drive

XYZ.DLL Ver. 1 is on the hard drive

XYZ.DLL Ver. 2 is on the hard drive

Application 1 may be broken!


Dll hell scenario 2
DLL Hell – Scenario 2

Application 1 uses XYZ.DLL

XYZ.DLL has been installed as a part of Windows

Install

Application 1

Windows sees

That XYZ.DLL

has been changed

Application 1

Installs Ver. 2 of

XYZ.DLL

Windows copys

DLLCache version

Of XYZ.DLL

Hard Disk

XYZ.DLL Version 1 is on the hard drive

XYZ.DLL Ver. 2 is on the hard drive

XYZ.DLL Ver. 1 is on the hard drive

XYZ.DLL Ver. 1 is in the DLLCache

Application 1 may be broken before we ever get it to work!


Windows xp sp2
Windows XP SP2

  • Provides patches & fixes for Windows XP but…

    • The most important part is that it tightens security

    • The most annoying part is that it tightens security


What is a tcp port
What is a TCP Port?

  • Think of an IP address as a telephone number

  • Think of a port number as being an extension

  • In this analogy, the person who dials the phone is the client application (ie: Web Browser)

  • The person who listens for it to ring is a server program (ie: Web Server)

  • If there is no one listening to an extension, it goes unanswered

    • Therefore, if no application is listening to a port, a hacker can NOT do anything by attempting to call that port


What is a tcp port1
What is a TCP Port?

  • Ports 0 through 1023 are reserved and called “well known ports”

    • Examples of well known ports:

      • HTTP Port 80

      • FTP Ports 20 & 21

      • Telnet Port 23

    • Port Definitions can be found at: http://www.iana.org/assignments/port-numbers

  • Ports 1024 through 49151 are Registered Ports

  • Dynamic and/or Private Ports are Ports 49152 through 65535


Windows firewall
Windows Firewall

  • Blocks inbound traffic

    • Does not block outbound traffic

  • Configuration allows exceptions

    • Exceptions are set by port or application

      • Application exceptions provide peer to peer types of connections

      • Not many application provide peer to peer capabilities

      • Applications supporting external connections include:

        • Remote Assistance

        • Windows Messanger


Tweakui
TweakUI

  • Available for free from Microsoft

    • One of the “PowerToys”

    • Download from: http://www.microsoft.com/windowsxp/pro/downloads/powertoys.asp

  • Provides a powerful mechanism for configuring the Windows user interface


Troubleshooting windows problems1

Troubleshooting Windows Problems

Presented by: David F. Soll

Vice President, Omicron Consulting

[email protected]

This presentation can be found at:

http://mywebpages.comcast.net/soll


ad