I would like to publicly thank Mr. David Stang for some valuable suggestions on how to improve this book, and for pointing out some errors in the first printing.
The Giant Black Book of Computer Viruses
by Mark A. Ludwig, 672 pages, 1995, ISBN 0-929408-10-1, $39.95
Without a doubt, this is the best technical refererence on computer viruses available any-where at any price! This book gives you a com-plete course on computer viruses which starts out with a simple 44-byte virus, and goes on to cover every aspect of modern computer viruses.
In the first part of the book, you’ll explore replication techniques. You will start out with simple overwriting viruses and companion vi-ruses, and go on to discuss parasitic viruses for COM and EXE files and memory resident vi-ruses, including viruses which use advanced memory control structure manipulation. Then you’ll tour boot sector viruses ranging from simple varieties that are safe to play with up to some of the most successful viruses known, including multi-partite viruses. Advanced topics include infecting device drivers, windows, OS/2, Unix and source viruses, with fully functional examples of each.
The second part of the book will give you a solid introduction to the battle between viruses and anti-virus programs. It will teach you how virus detectors work and what techniques they use. You’ll get a detailed introduction to stealth techniques used by both boot sector viruses and file infecting viruses, including protected mode techniques. Next, there is a tour of retaliating viruses which attack anti-virus programs, and polymor-phic viruses. Finally, you’ll get to experiment with the awesome power of Darwinian genetic viruses.
The third part of the book deals with common payloads for viruses.
It includes a thorough discussion of destructive logic bombs, as well as how to break the security of Unix and set up an account with super user privileges. Also covered are the use of viruses to leak information through covert channels, and beneficial viruses, including KOH.
This book is packed with detailed explanations of how all these viruses work and full source code for 37 different viruses and 4 anti-virus programs. It also contains exercises designed to make you as proficient as the author in this subject. Nothing is held back!
Airmail Shipping:Canada & Mexico add $8.00, others add $17.50
Program Disk $15.00
This disk contains full source and executables for all the viruses and anti-virus programs detailed in the book, including the KOH virus. Sorry, due to export restrictions, KOH is not included on the disk for international customers. You may order it separately—see elsewhere in this catalog.
Airmail Shipping:Canada & Mexico add $2.00, other countries add $3.00
The Collection CD-ROM
This is perhaps the hottest CD-ROM you will ever find anywhere.
Why do I say that? Take a look at what this CD contains:
• For starters, you get a fantastic virus collection consisting of 574 families, each of which may consist of anywhere from one to hundreds of viruses - about 3700 carefully tested and cataloged viruses in all (37 Megabytes).
• Roughly 700 files (2.8 Megabytes) containing new viruses which aren’t properly identified by most scanners.
• Plenty of source code and disassemblies of viruses to learn how they work (12 Megabytes).
• Mutation engines, including the Dark Avenger’s and the Trident Poly-morphic Engine, and others.
• Virus creation kits, including the Virus Creation Lab, Mass Produced Code Generator, and others.
• Trojan horse programs, trojan-generating tools and source listings.
• Unusual and famous viruses for non-DOS environments, like the Internet Worm and the Christmas virus.
• Virus-related electronic newsletters ranging from the establishment Virus-L to underground sources like 40 Hex, Crypt and Nuke. (76 Megabytes)
• Text files and databases on viruses to tell you exactly what they do when they attack (10 Megabytes)
• A test bed of mutating viruses to test your scanner against.
• Virus Simulators
• A multitude of shareware/freeware anti-virus programs (8 Megabytes)
• Assembly language and virus-handling tools including an assembler and disassembler.
In all, this CD is one of the most fascinating collections of secret underground computer software on earth—a full 157 megabytes in total.
We have collected these viruses and programs from all over the world during the past several years. They represent the work of virus researchers, anti-virus developers, and the virus underground.
If you are a virus researcher who needs live viruses, or an anti-virus developer who refuses to be content with being handed search strings, this CD is an absolute must. Assembled from American Eagle’s private collection, this is your opportunity to get the inside scoop on viruses that you just can’t get without a major independent collection.
If you don’t trust your anti-virus program to catch viruses effectively, this CD will allow you to test it like never before! You can find out first-hand just what your anti-virus software can and cannot do. Watch as it misidentifies viruses, identifies two different viruses by the same name, and fails to spot others! Once you do that, you’ll know just what you can and cannot expect from your software. You don’t have to buy anti-virus software without testing it anymore!
Up until now, this information has been hard to obtain. Soon, it may be illegal to get it in the US. In many countries it already is illegal to distribute virus code. Every year, Congress attempts to put a new computer crime bill through which includes sanctions against the distribution of virus code in the US. Every year, agressive lawyers and prosecutors seek to interpret vague laws in new ways. The First Amendment is being systematically burned up in cyberspace, and chances are, your ability to buy material like this will be seriously curtailed before long. For now, though, we are able to make this incredible collection available. If you’ve ever even considered getting ahold of this material, don’t wait, or you may be too late!!