I'm a long time IT person who is hoping to transition to a more Security centric role.
I have lots of *nix security knowledge, and a bunch of Windows admin experience, but am hoping to fill in some of the bits that relate to Windows security.
making some progress
I've started digging, and the rabbit hole is kind of deep, holy. Okay, so let's start a ToDo list:
- Read/check local ReactOS web pages
- Registry (last update - 2017)
- Add summaries and notes, and expand original article
- Working_Batch_Commands (last update - 2019 06)
- Asked for comments
- Review command pages and update
- Followup for more comments
- Look for other info (WP, etc)
- Add links to MS docs
- Instructions on how to create a second partition, since diskpart isn't current fully functional - 2021-02-20
- Mint a template specifying which version a page refers to - 2021-03-04
- Cmd Line Ref - basic review of current release (0.4.13) and recent nightly build (0.4.15) 2021-03-15
having someplace to arrange thoughts
I'm keeping a local "notes" file, but I'd like to gather up interesting tidbits and author some pages. For now, gather them here:
After a bit of wrangling
I've been doing some nibbling around the edges and trying some stuff as I go through my learning with Win and ReactOS. I circled back to that older build and got it to boot -- it turns out picking 32bit rather than 64bit helped a lot. I also got my first BSOD on this particular build, so there is a bit to learn there. On recommendation from chat, I've snagged, received and am now reading the excellent "Windows Internals" book co-authored by Mark Russinovich. While all this is going on, I'm meandering my way through a list of Windows Commands which existed already and was originally derived from SS64.com. What I'm doing is noting what is not reporting it doesn't exist in my current 0.4.15 variant. Originally I thought I might go back and see where the commands originally showed up, but I'm not sure how helpful that is, except for trivia. I will definitely go back once 0.4.14 goes release, and I might in the meantime do it for 0.4.13, the current live release. Cloudsec9 (talk) 19:35, 7 March 2021 (UTC)
I've tried a few ReactOS builds, and after a bit of gerfingerpoken they usually have crashed in the past (if I got them to boot at all). As an Alpha quality system, this is to be expected. But with the latest revision (I'm trying a 0.4.15 branch build), it's hanging together pretty well.
I'm also here this time for a deeper dive, as I'm hoping to learn more about Windows security internals. First thing, is that the codebase is HUGE. It's an operating system, but this isn't some small pet project, it's trying to replicate a pretty ambitious target. With this in mind, it's important to build a mental model of the system, so you can understand how things work. I asked in Mattermost about the source layout, and the answers was refreshing -- it's a bit chaotic. Welcome to the Real world! :) I actually understand completely, as a large project with lots of contributors over many years gets ... messy.
I've done a fair amount of research now, and while I am nowhere NEAR an expert in this yet, I'm going to start to write up a bit so I can understand, organize my thoughts and validate my assumptions. I also have to draw distinctions between how Windows works and how ReactOS works -- while the team is aiming at 2003 server compatibility, they are writing their own code which may take novel implementation approaches to the same interfaces. -- Cloudsec9 (talk) 18:37, 15 February 2021 (UTC)
I think a good spot to start would be to collect a list of pages that haven't changed in a while.
Along with this, might be interesting to create a template that notes WHICH version the page applies to.