Sunday, November 12, 2006

The mighty Sysinternals site is no more ...

Not sure if this is a good thing or not - only time will tell. Sysinternals, provider of excellent utilities such as Regmon, Filemon and the PsTools, has been bought by Microsoft.

First of all the good:
  • In a short space of time, Regmon, Filemon and Process Explorer have been merged into one tool, called Process Monitor 1.0. It is really excellent, and allows you to get a complete view of everything going on in an application, as well as improving on the reporting capabilities of its predecessors. Hopefully there will be more improvements to come in this and other tools.
  • Support for Vista in both i386 and x64 code.

The bad:
  • Source code has been dropped for the reason 'The number of source code downloads didn’t justify the migration, support, and possible integration problems it might cause with other Windows components down the road. They also mention the fact that it has been used in malware, and some of the programs use undocumented APIs'.
  • Removal of Linux versions of applications such as Filemon (no surprise there!)

A lot of people are getting very upset about the source code issue. To be honest, a lot of the decent tools didn't have the source code online, and I'm not sure how many people really looked at it anyway. It's one of those things that it's nice to have, and a lot of people will complain if it is not there, but not many actually look at it.

I think all the negative comments on the TechNet Sysinternals discussion are especially unfair, particularly the 'sold out' comments directed at Sysinternals founder Mark Russinovich. Here is a guy that has provided some of the best tools out there free of charge (as well as discovering the Sony BMG rootkit, and the NT4 workstation to server registry hack!), and if after a long time he 'sells out' to Microsoft, then good luck to him. Microsoft are continuing to support and develop the tools, so it should be for the benefit of the community in the long run.

As for the purists out there who like to see source code and check it over by hand to ensure it is safe for the rest of us (do they really exist?), why don't they just band together and come up with a true set of open source sysad tools? I'll host the site if anyone out there is interested!

Good luck Mark, I hope Microsoft are good to you, and thanks for all you have done for the industry.