Results 1 to 8 of 8

Thread: writing a book, "Malware-Writing Malicious Code".

  1. #1
    Banned shakuni's Avatar
    Join Date
    Aug 2007
    Posts
    24

    writing a book, "Malware-Writing Malicious Code".

    I read Mark Ludwig's "The Giant Black Book of computer viruses" a few years back. However it is obsolete now and there is no book to fill its place. Although there are good books on writing rootkits, there's no book that focus on writing computer viruses and worms (There is one by springer but it only touches the surface).
    There are some books like "Malware-Fighting Malicious Code" by Ed Skoudis and "The Art of Computer Virus Research and defense" by Peter Szor, but both are on the defensive side.
    I think its high time someone should write a book on the offensive side of computer virus research. I've started to write one that will focus on both windows and Linux platforms.

    Please give me your opinion on the following points-

    1.What should be the scope of the book (tell'em'all or just show them the way and leave them to research further). I prefer the tell'em'all approach.

    2.Should the book be based purely on assembly language only or there should be some HLL(c/c++) code in it. Again I prefer the assembly language paradigm since it is almost impossible to do many things in HLL.

    3.Should I write such book at all ?

    Any other suggestions are welcome.

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Quote Originally Posted by shakuni
    Please give me your opinion on the following points-

    1.What should be the scope of the book (tell'em'all or just show them the way and leave them to research further). I prefer the tell'em'all approach.

    2.Should the book be based purely on assembly language only or there should be some HLL(c/c++) code in it. Again I prefer the assembly language paradigm since it is almost impossible to do many things in HLL.

    3.Should I write such book at all ?

    Any other suggestions are welcome.
    Don't know you well enough or your writing style but based on the question a few of the following thoughts come to mind:

    1. The scope of the book depends on your audience. Who are YOU intending on the audience to be? That's not something we can recommend because it is dependent on your own goals as to who you want to educate, communicate with, etc.

    2. This will get back to point 1. If the intent is to reach O/S developers, then assembly may make sense. Additionally, the amount of code and depth of code will depend on point 1. How many would have experience in assembly versus says C or other languages.

    3. Writing a book is a huge undertaking. It's not just a matter of putting words down but also ensuring there is a flow to it -- extremely important in technical books (if the book appears to be slapped together haphazardly, then no one will want to read it) -- and that the topics make sense and the info is clear. You will also have to know the audience, find a publisher that would be willing to take the chance on it and think that they will make something from it. In today's technical market, that's a hit and miss. Viruses, while prevelant, aren't smack in everyone's face as it was say 10-15 years ago. Again, this will depent on point 1.

    HTH
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Again I prefer the assembly language paradigm since it is almost impossible to do many things in HLL.
    I would agree certain things are only possible in assembly but at it's core you can write a virus in a shell script.
    Language is a means.. It's the possibilities that are the real danger..
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  4. #4
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,534
    to see just what your 'style' IS
    write a tutorial along the lines of how you would intend the book to look

    it's easier to critique once there is something to pull apart

    otherwise, as MSM has said, it all depends on who YOU intend the book to be aimed at,and until that is settled, nothing else can be fixed down

    but a tutorial is always a good thing
    so now I'm in my SIXTIES FFS
    WTAF, how did that happen, so no more alterations to the sig, it will remain as is now

    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  5. #5
    Custom User
    Join Date
    Oct 2001
    Posts
    503
    If you want some real suggestions I'd suggest writing a potential chapter list. About the HLL vs assembly language it depends on how specific you want to be. Are you writing a book about exploiting a certain system with certain vulnerabilities or are you writing about potential problems that you can have with various systems?

    Generally I wouldn't have thought you'd need assembly language unless you were talking about a specific problem.

    ac

    [edit]Bear in mind I appear drunk[/edit]

  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi shakuni,

    I have a few suggestions that you might like to consider:

    1. I would recommend at least a chapter discussing the history of malware.
    2. Another to cover the various types or manifestations, and their conceptual backgrounds?
    3. Another to consider some of the famous authors and incidents.

    Then go write your book

    I would warn you that the information in most technical books is obsolete by the time that they are published so an in depth account as opposed to general principles will date the book more quickly.

    I have suggested #1 ~ #3 to get the attention of a wider audience;and, if written properly, might get you a publisher?

    I believe that you need to address the question of HLL/LLL, but would suggest that you do this at a theoretical level in at least one chapter.

    What I am suggesting is that you at least make your book readable to a wider audience. That sells copies

    A small example: I distinctly remember the days of the "smallest virus on Earth" competition............... damn clever stuff; and all in assembly language

    Good luck,

    Johnno

  7. #7
    Banned shakuni's Avatar
    Join Date
    Aug 2007
    Posts
    24
    Thanks for suggestions.
    I have completed a potential chapter list and index of the book.
    I want to make virus writing so easy that it will not be "cool" anymore.The problem is that it will make virus writing easy for the wrong guys as well.

  8. #8
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    As far as writing a virus, it cold be something as simple as a batch file that runs deltree ... and i forgot where i was going with that haha

Similar Threads

  1. Ankit Fadia Torn Apart
    By Taufeeq in forum Product / Book / Training / Conference Reviews
    Replies: 17
    Last Post: December 23rd, 2006, 05:59 PM
  2. Kevin Mitnick -The banned chapter
    By Dr_Evil in forum Product / Book / Training / Conference Reviews
    Replies: 13
    Last Post: December 16th, 2004, 06:02 AM
  3. Tcp/ip
    By gore in forum Newbie Security Questions
    Replies: 11
    Last Post: December 29th, 2003, 08:01 AM
  4. crack down on a programmer for writing a tool with malicious applications
    By imported_Tek Weasel in forum Programming Security
    Replies: 7
    Last Post: October 2nd, 2002, 04:05 PM
  5. Book by Kevin Mitnick outlaw hacker describes tricks of the trade!
    By Isellcrack4FBI in forum Product / Book / Training / Conference Reviews
    Replies: 10
    Last Post: July 6th, 2002, 02:56 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •