Thursday, April 06, 2006

WindowsIR SourceForge site

Okay, based on a question the Bret posed in the CyberSpeak interview, I've set up a SourceForge site for my tools. Thinking about it, this is probably a better idea than using the Windows-ir.com site.

Right now, all I've got posted to the site is the RAMDump GUI I wrote, which is a wrapper around George M. Garner's version of dd.exe. The basic idea is to allow someone to capture/dump \\.\PhysicalMemory from a Windows 2000/XP system, with less knowledge. The GUI will tell you how much physical memory is on the system, and which drives (and type of drive...fixed, removeable, network) are available, and once the dump process is started, will give you a status. It's pretty simple and straightforward, and the source is provided in case you want to modify the command line that is launched, or the messages, or whatever.

If you don't have Perl2Exe to create a standalone executable from the Perl script, look at installing Perl (if you haven't already) and the PAR module ("ppm install PAR" under Activestate) and using that to create the standalone EXEs.

Over time, I'll be adding the FSP and FRU tools, the tools I've created for processing dumps of physical memory, and other supporting tools for the FSP/FRU. This will include analysis/correlation tools for processing the data collected by the FRU/FSP.

No comments: