July 22nd, 2002, 11:57 PM
Why is NT/2k so much more stable? Part 3/5
This is a continuation of a tutorial originally posted here. Do to time constraints on editing I have to post a new thread.
---------------------------------Windows NT/2k Operating System------------------------------
With the creation of the Windows NT(New Technology)/2000 Operating System, M$ took the liberty of completely doing away with the older 16-bit application use and geared this OS towards 32-bit only applications. The OS operates in protected mode as soon as it recieves control from the BIOS. Remember that Windows 9x/ME loads some real-mode components before switching to protected mode. At this point it should become clear why this OS is much more stable. I will list some of the more important changes between NT and 9x here:
Some major improvements in NT/2k.
- Loads directly into protected 32-bit mode when the BIOS hands it control.
- No longer supports real-mode device drivers, which were used by MS-DOS.
- No longer supports Virtual device drivers used by 9x either.
- Supports multiple processors for true multitasking.
- Can maintain seperate hardware profiles for different hardware configurations on the same PC.
- Provides a personal web server.
- Provides security (however minimal) for individual files, folders, and other resources. Users passwords can be maintained on either the standalone workstation, or from a central network controller. (Primary Domain Controller)
- Is much more stable (will be made clear later)
- Can run on other processor types such as... MIPS R4x00-based, Alpha AXP-based, and PReP- compliant PowerPC-based processors.
Windows NT/2k also provides you with a new file format choice... NTFS (New Technology File System). For the advantages of NTFS see my FAT vs. NTFS The ultimate Guide to Win file systems. tutorial.
Now lets take a look at how WindowsNT/2k loads.
When you first boot up an NT/2k system the boot load menu will ask you to select an OS. You can change these settings from the System icon in the control panel. But before you see this screen, many things have already loaded. Lets take a look at them. Don't worry if you don't understand any of the boot process, it will be discussed in more detail later.
[list=1][*]POST executes.[*]The MBR is loaded and the master boot program is run. [*]The MBR program finds and loads Ntldr(NT Loader). This file is similar to the Windows 9x IO.SYS boot file. [*]Ntldr changes the system from real-mode to a 32-bit flat memory mode in order to run its 32-bit code. [*]Minifile system is loaded and started so files can be accessed.[*]Ntldr reads the boot.ini file and builds the appropriate menu. This is where you select which OS you wish to use. If another OS is chosen, then that OS's boot process is then executed from here.[*]Ntldr uses the Ntdetect.com program to search for installed devices in the PC and gives this information back to Ntldr.[*]Ntldr loads Ntoskrnl.exe, HAL.DLL, and the system portion of the registry, which contains information about the hardware.[*]Ntldr passes all control to Ntoskrnl.exe and the boot process is finished. [/list=1]
Now lets take a closer look at each step.
[list=1][*]POST Executes, MBR is loaded, and the MBR program loads the Ntldr program.
The POST and MBR are explained in Part 1 of this tutorial. Please see the explanations there.[*]Ntldr starts the process of loading the Windows NT/2k OS.
This file has the same purpose of the IO.SYS file in previous versions of Windows. [*]Ntldr changes the mode to 32-bit flat memory mode.
Up to this point the processor has been in real-mode where every program had direct access to all the systems resources. Although Windows NT does not process in real-mode, so NTldr's first step is to switch this mode to a 32-bit mode called 32-bit flat memory mode. [*]Minifile system is loaded.
The minifile system is a program that allows WindowsNT to read both FAT or NTFS file systems. This is there so that in the next step, the boot choice, the Ntldr program can read a FAT file format used by other Windows OS's. [*]Boot.ini is read and loaded by Ntldr.
The boot.ini file is a hidden text file that contains information to build the boot menu. You can either choose an OS to load, or after a specified time a choice will be auto-selected. If another OS is chosen besides Windows NT/2k, that OS's boot sequence is initiated.[*]Ntldr uses Ntdetect.com to locate installed devices.
The Ntdetect looks through your computer and detects all installed components and passes that information back to Ntldr. This information is used to update the registry concerning the last-known good hardware profile used.[*]Ntldr loads Ntoskrnl.exe, HAL.DLL, and the system part of the registry.
The Ntoskrnl.exe file is the NT Kernel layer, the HAL.DLL is the Hardware Abstraction Layer, and the System part os the registry contains hardware information that is used to load the appropriate drivers. [/list=1]
This is how the Windows NT/2k system is loaded.
Well thats it for now. Look for Parts 4 and 5 hopefully in the near future.
- Part 4 - How Windows Manages memory and resources.
This will be where we really get into the processes behind each OS and why NT is more stable. This will be the main focus of this series and will contain everything that is happening behind the scenes of the OS's.
- Part 5 - Conclusion
July 23rd, 2002, 12:06 AM
An excellent tutorial...thorough and understandable....kudos on a job well done.
It isn't paranoia when you KNOW they're out to get you...