Defrag Tools #108 - Sysinternals SysMon - Mark Russinovich

Mark Russinovich and Thomas Garnier join Andrew Richards in this episode of Defrag Tools. We talk about their new tool - Sysinternals System Monitor.

System Monitor (Sysmon) is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows event log. It provides detailed information about process creations, network connections, and changes to file creation time.
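Because Sysmon writes to the Windows event log rather than to its own files, the same PowerShell you use for any other log reads its output. The snippet below is an added example, not code from the episode or from Sysinternals: it queries Sysmon's operational log for the three event types described above and flattens each event's named fields into a table. It assumes Sysmon is installed with its default log name (`Microsoft-Windows-Sysmon/Operational`), that the shell runs with enough rights to read that log, and the Sysmon-documented event IDs 1 (process create), 2 (file creation time changed) and 3 (network connection); the function name `Get-SysmonSummary` is the example's own.

```powershell
# Added example: summarise Sysmon process, file-time and network events from the event log.
# Assumes Sysmon is installed with its default log name and that this shell can read it.
$LogName = 'Microsoft-Windows-Sysmon/Operational'

# Sysmon event IDs: 1 = Process Create, 2 = File creation time changed, 3 = Network connection
$Ids = 1, 2, 3

function Get-SysmonSummary {
    param([int]$MaxEvents = 200)

    Get-WinEvent -FilterHashtable @{ LogName = $LogName; Id = $Ids } -MaxEvents $MaxEvents -ErrorAction Stop |
        ForEach-Object {
            # Read the named EventData fields from the event XML rather than relying on the
            # positional order of $_.Properties, which varies between Sysmon versions.
            $xml  = [xml]$_.ToXml()
            $data = @{}
            foreach ($d in $xml.Event.EventData.Data) { $data[$d.Name] = $d.'#text' }

            # One human-readable detail column per event type
            $detail = switch ($_.Id) {
                1 { $data['CommandLine'] }
                2 { '{0} -> {1}' -f $data['TargetFilename'], $data['CreationUtcTime'] }
                3 { '{0}:{1} -> {2}:{3}' -f $data['SourceIp'], $data['SourcePort'],
                                              $data['DestinationIp'], $data['DestinationPort'] }
            }

            [pscustomobject]@{
                Time   = $_.TimeCreated
                Id     = $_.Id
                Image  = $data['Image']
                Detail = $detail
            }
        }
}

# Show the most recent 50 matching events
Get-SysmonSummary -MaxEvents 50 | Format-Table -AutoSize
```

Run it from an elevated PowerShell prompt; if Sysmon is not installed or the log has no matching events, `Get-WinEvent` raises an error instead of silently returning nothing, which is the behaviour you want when checking that a sensor is actually recording.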

Resources:
Sysinternals System Monitor (SysMon)
Rogue Code - A Novel

Timeline:
[00:00] - Rogue Code - The new cybersecurity novel
[00:55] - Announcing: Sysinternals System Monitor (SysMon)
[04:17] - Released August 7th 2014
[04:42] - Command Line
[05:55] - Case of My Mom's Chronically Infected PC
[12:20] - Sysinternals AutoRuns - Scheduled Tasks
[15:08] - 64MB Event Log - weeks of activity
[16:59] - Email us your issues at defragtools@microsoft.com

Authors: Mark Russinovich is the Chief Technology Officer for Azure and co-founder of Sysinternals.
Thomas Garnier is Senior Security Software Developer in Trustworthy Computing.