Day 013 #FromZeroToHacker – Windows Fundamentals: Part 2

In Windows Fundamentals 1 we covered the basics, such as the Desktop, the file system, UAC and the Control Panel. Now it is time to go deeper: let’s learn about System Configuration, how to modify UAC settings, what resource monitoring is, how the Windows registry works and more.

This is the second part of our 3-part #FromZeroToHacker lesson on Windows fundamentals.

Table of contents
Introduction
What I have learnt today?
Stats
Resources

Introduction to Windows Fundamentals

We are going deeper into Windows: time to learn about System Configuration and its tools:

  • Introduction to System Configuration
  • How to manage UAC settings
  • Computer management
  • System information
  • Resource monitor
  • Command prompt
  • Registry editor

What I have learnt today?

System configuration

Windows has a tool for advanced troubleshooting, MSConfig, which helps us diagnose startup issues.

You can launch System Configuration from your Start Menu:

Windows fundamentals: System Configuration

Once launched, we are presented with 5 tabs:

  • General
  • Boot
  • Services
  • Startup
  • Tools
Windows Fundamentals System configuration General Tab

As we can see, in the General tab we can select which devices and services are loaded when Windows boots.

System configuration Boot Tab

In the Boot tab, we can define various boot options.

System configuration Services Tab

The Services tab lists all the services configured for the system (running or not). A service is a program that runs in the background.

The Startup tab doesn’t offer us too much: Just a link to open the Task Manager. This is because Task Manager lets us manage startup items.

System configuration Tools Tab

The Tools tab shows us a list of utilities that let us configure the OS in more depth. Each tool has a brief description that explains what it is for.

Let’s see some of them:

Change UAC controls

As we saw yesterday, UAC is a very important tool to prevent malware attacks in our Windows systems. We can change its settings by launching the UAC settings from the System Configuration, at the Tools tab.

System Configuration Change UAC

By simply moving the slider up and down, we change the UAC settings (You shouldn’t turn it off entirely). At the right side of the window, you can read what the current setting entails.

UAC control

Computer management

Computer Management has three sections: System Tools, Storage, and Services and Applications.

Windows Fundamentals Computer management

System tools

Task Scheduler lets us manage tasks that the computer carries out automatically at a specified time. A task can run an application, a script, etc. We can also schedule a task to run periodically, for example, every 30 minutes.

Event Viewer allows us to view events that occurred on the computer. These logs can be read to understand the activity of the computer system. Normally we do this to diagnose errors we find on our Windows system.

Event viewer logs

There are five types of events that can be logged. More information on Microsoft Event Types:

Windows Fundamentals Microsoft event types

Shared Folders shows the list of shares and shared directories that others can connect to:

Computer management shared folders

Under Shares you can find items shared with other users, under Sessions you will see a list of users currently connected to any shares, and finally, in Open files, there is a list of files and directories open by the connected users.

Local users and groups

The Local users and groups bit is familiar to us, as we saw it yesterday in Windows Fundamentals: Part 1 – User groups.

Performance monitor

The Performance section lets us view performance data in real time. We can create logs, and configure and schedule performance counter, trace and configuration data collection to analyze the results.

Device manager

The Device Manager allows us to view and configure the hardware our computer uses.

Storage

Under storage, there is Windows Server Backup and Disk Management. As we don’t have a server, we will only look at Disk Management.

Disk Management lets us perform advanced storage tasks such as setting up a new drive, extending or shrinking a partition, or changing drive letters.

Services and applications

As we saw a few minutes ago, a service is a task that runs in the background. Here we can do more than just enable and disable a service. For example, we can view the properties of a service:

Windows Fundamentals Service properties

WMI Control configures and controls the Windows Management Instrumentation (WMI) service.

WMI allows scripts to manage Windows personal computers and servers, locally and remotely.
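As an added example (not part of the original lesson), this PowerShell function uses WMI/CIM to read the same data that the Services, Startup, Task Scheduler and Shared Folders views display. The function name and the optional `$CimSession` parameter are assumptions made for this sketch; reading sessions may require an elevated prompt.

```powershell
# Added example (not from the original post). Reads through WMI/CIM the data
# that the Services, Startup, Task Scheduler and Shared Folders views display.
function Get-ManagementSnapshot {
    param(
        # Hypothetical parameter: a session created with New-CimSession for a
        # remote machine. Omit it to query the local computer.
        $CimSession
    )
    $target = @{}
    if ($CimSession) { $target.CimSession = $CimSession }

    [pscustomobject]@{
        # Services tab / Services console: services that start automatically.
        AutoStartServices = Get-CimInstance -ClassName Win32_Service @target |
            Where-Object StartMode -eq 'Auto' |
            Select-Object Name, State, StartName, PathName

        # Startup items registered in the Run keys and Startup folders.
        StartupCommands = Get-CimInstance -ClassName Win32_StartupCommand @target |
            Select-Object Name, Command, Location, User

        # Task Scheduler: tasks outside the built-in \Microsoft\ folder.
        ScheduledTasks = Get-ScheduledTask @target |
            Where-Object { $_.TaskPath -notlike '\Microsoft\*' } |
            Select-Object TaskName, TaskPath, State,
                @{ Name = 'Execute'; Expression = { $_.Actions.Execute -join '; ' } }

        # Shared Folders: the Shares and Sessions nodes.
        Shares   = Get-CimInstance -ClassName Win32_Share @target |
            Select-Object Name, Path, Description
        Sessions = Get-CimInstance -ClassName Win32_ServerConnection @target |
            Select-Object UserName, ComputerName, ShareName, NumberOfFiles
    }
}

# Local machine: print three of the collected views as tables.
$snapshot = Get-ManagementSnapshot
$snapshot.AutoStartServices | Format-Table -AutoSize
$snapshot.ScheduledTasks    | Format-Table -AutoSize
$snapshot.Shares            | Format-Table -AutoSize
```

Saving the output on a known-good machine gives a baseline to compare against later when something unexpected starts at boot.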

System Information

Let’s keep talking about Tools from the System Configuration panel.

Windows Fundamentals Service information

This tool gathers information about your computer, displaying it in a comprehensive view of your hardware, software, and system components.

The System Summary displays general information from the computer:

System summary

The information displayed in Hardware Resources is a bit more technical. If you want, you can learn more on the Official Microsoft page.

Hardware resources

Under Components, you will see specific information about hardware devices installed on your computer.

Components

In the Software Environment section, there is information about software from the core of your OS and the software you installed. Other details available are the Environment variables (variables that store information about the OS environment such as the OS path, number of processors, etc.) and Network connections.

Software environment

Resource Monitor

Resource monitor displays information about OS processes: Memory, Disk, and Network usage, along with details about which processes are using individual file handles and modules.

This utility is geared towards advanced users who need to perform advanced troubleshooting on the computer.

Besides Overview, this tool has four sections:

CPU

Resource monitor CPU

Memory

Resource monitor memory

Disk

Resource monitor disk

Network

Resource monitor Network

Command Prompt

The command prompt is the equivalent of the Linux Terminal. It also may seem daunting at first, but once you understand how to interact with it, it will become just another tool.

A few commands that we can use are whoami, which outputs the name of the logged-in user, and hostname, which outputs the computer name.

A command often used for troubleshooting is ipconfig, which shows the network address settings:

Windows Fundamentals terminal ipconfig

A flag to retrieve the help manual, the equivalent of man in Linux, is /?:

Windows Fundamentals terminal help

You can find the most important commands in this freeCodeCamp link.

Registry editor

The Windows registry is a database where information necessary to configure the system is stored. Here, we can find data about:

  • Profiles for each user
  • Applications installed on the computer and the types of documents that each can create
  • Property sheet settings for folders and application icons
  • What hardware exists on the system
  • The ports that are being used

This registry is for advanced computer users. Making any changes may affect normal computer operations. Believe me, I did (and not in a good way :/).

Windows Fundamentals Registry Editor
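The UAC slider covered earlier stores its position in the registry, so it can be checked without opening either tool. The following PowerShell is an added example, not part of the original lesson: it only reads three policy values and maps them to the four slider positions; the function name is an assumption made for this sketch.

```powershell
# Added example, not from the original post. Read-only: maps the UAC policy
# values stored in the registry back to the four positions of the UAC slider.
function Get-UacSliderLevel {
    param(
        [int]$EnableLUA,
        [int]$ConsentPromptBehaviorAdmin,
        [int]$PromptOnSecureDesktop
    )
    # EnableLUA = 0 switches UAC off completely, whatever the other values say.
    if ($EnableLUA -eq 0) { return 'UAC disabled (EnableLUA = 0)' }

    switch ("$ConsentPromptBehaviorAdmin/$PromptOnSecureDesktop") {
        '2/1'   { 'Always notify' }
        '5/1'   { 'Notify only when apps try to make changes (default)' }
        '5/0'   { 'Notify only when apps try to make changes (do not dim desktop)' }
        '0/0'   { 'Never notify' }
        default { "Custom policy, not a slider position ($_)" }
    }
}

$key    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$names  = 'EnableLUA', 'ConsentPromptBehaviorAdmin', 'PromptOnSecureDesktop'
$policy = Get-ItemProperty -Path $key

# A missing value is passed on as 0 below, so say so instead of hiding it.
foreach ($name in $names) {
    if ($null -eq $policy.$name) {
        Write-Warning "$name is not set under $key; the result treats it as 0"
    }
}

$level = Get-UacSliderLevel -EnableLUA $policy.EnableLUA `
    -ConsentPromptBehaviorAdmin $policy.ConsentPromptBehaviorAdmin `
    -PromptOnSecureDesktop $policy.PromptOnSecureDesktop
"UAC setting: $level"
```

Reading HKLM does not require an elevated prompt, and nothing here writes to the registry.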

Stats

From 203.950th to 195.022th. Finally reaching the top 10%!

Here is also the Skill Matrix:

Windows Fundamentals Skill matrix

Resources

Path: Pre Security

Windows Fundamentals

TryHackMe: Windows fundamentals part 2

Other resources

Microsoft Event Types
Hardware Resources: Official Microsoft page
Command Line Commands