What is the best way to learn about file system filters?

OSR_Community_User · November 15, 2004, 9:34am

Hi,

I am new to kernel programming and want to learn the technology that drives
anti-virus and firewall software. I have been using the Windows 2003 DDK
and Walter Oney’s book and they seem to be intended for a different
audience. What is the best way to learn about file systems and more
specifically, file system filter drivers?

Should I get the IFS kit? Should I get Rajeev’s book? Is there a better
book? Is there a book that talks about packet filtering in a driver? OSR
training is not an option since I have to pay for it out of my own pocket.

Thanks,
Takin

Don_Burn_1 · November 15, 2004, 9:41am

I guess I’m confused, you can pay for the IFS Kit $1000, you can buy a used
copy of Rajeev’s book ($500+ at Amazon), but you can’t afford the OSR
course?

The DDK and Walters book will give you a good basis for getting started,
since file systems and filters may be thought of as an extension of device
driver programming. Most of the services are the same, there are just more
for a file system. Yes, you need the IFS kit. Rajeev’s book is good, but
is out of date and there is no other book out there.

–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

“Takin Nili-Esfahani” wrote in message
news:xxxxx@ntfsd…
> Hi,
>
> I am new to kernel programming and want to learn the technology that
drives
> anti-virus and firewall software. I have been using the Windows 2003 DDK
> and Walter Oney’s book and they seem to be intended for a different
> audience. What is the best way to learn about file systems and more
> specifically, file system filter drivers?
>
> Should I get the IFS kit? Should I get Rajeev’s book? Is there a better
> book? Is there a book that talks about packet filtering in a driver? OSR
> training is not an option since I have to pay for it out of my own pocket.
>
> Thanks,
> Takin
>
>
>

OSR_Community_User · November 15, 2004, 12:43pm

(sorry for replying to your email originally.)

The OSR class is $3450 and if you add travel and hotel costs it will be
about $5000.

Rajeev’s book is about $150 used right now. $900 for the IFS kit is a lot
but still within reason.

Thanks for the advice.

Takin

“Don Burn” wrote in message news:xxxxx@ntfsd…
>I guess I’m confused, you can pay for the IFS Kit $1000, you can buy a used
> copy of Rajeev’s book ($500+ at Amazon), but you can’t afford the OSR
> course?
>
> The DDK and Walters book will give you a good basis for getting started,
> since file systems and filters may be thought of as an extension of device
> driver programming. Most of the services are the same, there are just
> more
> for a file system. Yes, you need the IFS kit. Rajeev’s book is good, but
> is out of date and there is no other book out there.
>
>
> –
> Don Burn (MVP, Windows DDK)
> Windows 2k/XP/2k3 Filesystem and Driver Consulting
> Remove StopSpam from the email to reply
>
> “Takin Nili-Esfahani” wrote in message
> news:xxxxx@ntfsd…
>> Hi,
>>
>> I am new to kernel programming and want to learn the technology that
> drives
>> anti-virus and firewall software. I have been using the Windows 2003 DDK
>> and Walter Oney’s book and they seem to be intended for a different
>> audience. What is the best way to learn about file systems and more
>> specifically, file system filter drivers?
>>
>> Should I get the IFS kit? Should I get Rajeev’s book? Is there a better
>> book? Is there a book that talks about packet filtering in a driver?
>> OSR
>> training is not an option since I have to pay for it out of my own
>> pocket.
>>
>> Thanks,
>> Takin
>>
>>
>>
>
>
>

OSR_Community_User · November 15, 2004, 12:52pm

Read all the articles on osronline.com and the FAQ of course. Also, get
filemon from sysinternals.com and experiment with it. Although it is old, I
would try to get Rajeev’s book, b/c it is a good foundation for FSFDs if you
keep it in perspective. Finally, get the IFS kit and read the docs that
come with it, including watching the videos. Have fun.

Matt

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Takin Nili-Esfahani
Sent: Sunday, November 14, 2004 1:25 AM
To: Windows File Systems Devs Interest List
Subject: [ntfsd] What is the best way to learn about file system filters?

Hi,

I am new to kernel programming and want to learn the technology that drives
anti-virus and firewall software. I have been using the Windows 2003 DDK
and Walter Oney’s book and they seem to be intended for a different
audience. What is the best way to learn about file systems and more
specifically, file system filter drivers?

Should I get the IFS kit? Should I get Rajeev’s book? Is there a better
book? Is there a book that talks about packet filtering in a driver? OSR
training is not an option since I have to pay for it out of my own pocket.

Thanks,
Takin

Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: xxxxx@bitarmor.com To unsubscribe
send a blank email to xxxxx@lists.osr.com

Neil_Weicher · November 15, 2004, 2:00pm

Don, a lot of people place no value (i.e., $0.00) on their time. They don’t
realize that time is usually the most expensive part.

----- Original Message -----
From: “Don Burn”
Newsgroups: ntfsd
To: “Windows File Systems Devs Interest List”
Sent: Monday, November 15, 2004 9:39 AM
Subject: Re:[ntfsd] What is the best way to learn about file system filters?

> I guess I’m confused, you can pay for the IFS Kit $1000, you can buy a
used
> copy of Rajeev’s book ($500+ at Amazon), but you can’t afford the OSR
> course?
>
> The DDK and Walters book will give you a good basis for getting started,
> since file systems and filters may be thought of as an extension of device
> driver programming. Most of the services are the same, there are just
more
> for a file system. Yes, you need the IFS kit. Rajeev’s book is good, but
> is out of date and there is no other book out there.
>
>
> –
> Don Burn (MVP, Windows DDK)
> Windows 2k/XP/2k3 Filesystem and Driver Consulting
> Remove StopSpam from the email to reply
>
> “Takin Nili-Esfahani” wrote in message
> news:xxxxx@ntfsd…
> > Hi,
> >
> > I am new to kernel programming and want to learn the technology that
> drives
> > anti-virus and firewall software. I have been using the Windows 2003
DDK
> > and Walter Oney’s book and they seem to be intended for a different
> > audience. What is the best way to learn about file systems and more
> > specifically, file system filter drivers?
> >
> > Should I get the IFS kit? Should I get Rajeev’s book? Is there a
better
> > book? Is there a book that talks about packet filtering in a driver?
OSR
> > training is not an option since I have to pay for it out of my own
pocket.
> >
> > Thanks,
> > Takin