Viruses Books

Never trust a person that writes about things that he or she does not understand.

The citation below contains several very serious errors.

--------Chapter 16, Page 228 (footnote)-------
Non-polynomial (NP) problems have no known solutions of this nature [polynomial time solutions] and may require dramatically more time to solve as the input length increases, exhibiting, for example, exponential dependency. A subset of NP problems, known as NP complete, are proven to have no polynomial time solutions.
----------------------------------------------

The errors are:

1. "NP" does not mean "Non-polynomial" but "Non-deterministic Polynomial" (which are VERY different things)
2. Many NP problems do have known polynomial solutions, and it is possible that all of them have (still unknown) polynomial solutions.
3. None of the NP-complete problems have been proved to lack polynomial time solutions... Indeed, any such a proof would solve the famous "P vs NP" problem, a central open problem in computer science that has an associated prize of one million dollars from the Clay Mathematics Institute.

Granted that the book is not about complexity theory, but still, how could you trust any information in the book after this?

A must for any IT security/networking engineer. Great read, great price, informative yet entertaining.

Nutshell review - This is a great read. Very entertaining and informative. Will really open your eyes and make you think about unusual information security issues and attack vectors.

Zalewski brought up a number of interesting and very innovative security situations and possibilities. The statistical derivation of content based upon CPU utilization, is something I had never even considered... but at the same time it looks like it could be more work than someone would be willing to invest. The writing style is also slightly academic. A fair amount of time is spent giving background and information about a topic when those who may see the situation will probably already understand the history. I will have to admit that this was not a page turner, but I am very happy I bought this book. It was just a little difficult to get through at times.

Silence on the Wire is not your typical security book detailing the
latest application exploits or generalized security trends and attack
prevention. Zalewski deals in the minutia. If you were to construct
a Bell Curve of security knowledge and concepts, you would need to
chop out a large portion of this graph and simply include the upper
threshold, in which Zalewski thrives on the seemingly unknown.

Zalewski takes a bottom-up approach. He dives right into the security
of hardware design, Random Number Generation, and how this can all add
up to information leakages otherwise known as security threats. If
you have ever typed on a keyboard, then you may be interested in
knowing what signature you are generating of yourself every time you
log into that remote SSH console. Perhaps you might also be
interested in the fact that simple mathematical operations, such as 2
* 100, could result in timing attacks against your algorithm, whereas
100 * 2 may not. Scary stuff.

Zalewski continues with seemingly innocuous attacks that can occur
before your IP packets ever leave the local network. It is unnerving
to find out just how easy (and cheap) it is to reconstruct data from
those blinking lights on your network equipment, or unsanitary
Ethernet frames. Have you ever given thought to how nice it was to
have virtual network auto-configuration on your switches? Well, so do
your foes.

Once your packets touch other nodes all across the Internet, that's
when the real fun begins. If you are already familiar with the OSI
Model and the TCP/IP suite, then your reading will hit a low point for
the next thirty pages or so. However, when you emerge from this sand
trap of common knowledge, most certainly provided to assist uninformed
readers, you are met with quite worthy knowledge detailing the ability
to accurately identify remote parties, who otherwise may wish to
remain anonymous. Your choice of Operating System and Web Browser may
help somewhat, but Zalewski shows how you can still be sniffed out
even across the sea of the Internet.

Zalewski concludes the book with a brief look at the entire Internet
as an aggregate system, and how subtleties of its inner-workings can
be exploited by those who understand them. It never once crossed my
mind to utilize carefully constructed packets for distributed
computing tasks acting as Boolean operations, but one of the final
topics regarding parasitic storage does appear quite attainable.
Zalewski's final chapter in the book leaves us with the lesson that
sometimes all you need to do to discover the minutia, is to open your
eyes.


* p. 127: Figure 9-6, regarding TCP options, is incorrect.
* p. 182/183: '6,4512' should read '64,512'.
* p. 198: 'user-racking' should read 'user-tracking'.
* p. 216: 'www.rogue-severs.com' should likely read 'www.rogue-servers.com'.
* p. 233: 'recover the information he when it bounces back' should
likely read 'recover the information when it bounces back'.

I enjoy reading all of the Dirk & Steele collection. Great plots, twists, and emotions through out the book. Great readings, all of them.

There's a new virus in the Congo -- it's highly contagious and deadly. Dr. Rikki Kinn is a top virus hunter and she's sent to investigate. Before she even gets to her transport, there's an attack that leaves a friend dead or wounded -- she's not sure. The Congo is not a safe place to be at the best of times; but it's not random, the attack was specifically aimed at Rikki. Soon, she doesn't know who to trust and a misstep could cost more than her life.

Dirk and Steele is a very different detective agency -- they take on a lot of cases no one else will touch. Their staff is not just highly trained -- they're not quite normal. So when Dirk and Steele are asked to look out for Dr. Kinn's welfare -- they call on Amiri, a were-cheetah who once called Kenya home. He doesn't want to return to Africa but realizes it is time to face his own devils.

There's a lot going on in The Last Twilight, there's the disease, the attacks, the killers who are dressed as the "good guys", and there's misdirection and mistrust. It's hard to gain someone's trust when you can't tell them the truth. But when you're on the run for your life, you have to trust someone or you could die. Rikki and Amiri form an uneasy alliance, whether in spite of or because of their attraction to each other even they don't know.

The pieces are gathered and some fit, some don't, and some may come together in other stories in this universe. However, the characters are well drawn, the plot is clever and filled with misdirection and red herrings while maintaining internal consistency (a state that's harder to achieve than some might think), and the romance doesn't interfere with the page turning, edge of the seat, excitement.

Marjorie M. Liu has delivered another non-stop adventure in this latest Dirk and Steel title. The Last Twilight takes readers to Africa, and like Liu's previous books, the descriptions are so rich readers will almost feel the damp of the jungle seeping into them.

We are introduced to Rikki, a doctor with the CDC who hunts viruses and outbreaks in underdeveloped countries. I loved this character. She is strong and courageous while fighting attacks from all sides and battling her own demons. She's an incredibly tough woman who still harbors vulnerablilities. She is perfect match for Amiri, who must face his own nightmares in his return to Africa.

This tale brings back Rictor in the largest role he's seen since he was itroduced in Russia. Some mysteries surrounding him are explained, but we are still left with many questions about who and what he really is. He, in fact, doesn't seem to know exactly what he's capable of doing.

Readers are given a new mystery to ponder in this installment: Where, exactly, do the strange abilities of the Dirk and Steel members come from, and are there more, less dramatic, less noticable gifts out there? The possibilities are chilling.

Liu's books are full of nail-biting action and page-turning suspense. The questions and mysteries surrounding the Dirk and Steel agents seem to grow with each installment and I, for one, can hardly wait for more titles. While the stories can be read as stand-alones, there is a bigger storyline running through them that will be missed and may be confusing to someone who hasn't read the previous titles. I would suggest this series be read in-order and in it's entirety.

For Dirk and Steel fans, this is a can't-miss book.

Liu has yet to let me down. I love her books and I love reading the Dirke and Steele steries. Liu has a wonderful way of taking the reader to exotic and new locations in each book. Her characters are unique in thier personalities, abilities, and beliefs. In this latest book, Amiri (once a captured prisioner in the Russian experimental facility) is sent to the African Congo to protect a scientist. Rikki is said scientist, who specializes in tracking the root of dangerious diseases/virus. Unfortunately she is also wanted by some very bad men. Rikki and Amiri go on the run in the jungle. This book is packed with action and suspense. I had a really hard time it down and I very much look forward to reading the next one.

A deadly outbreak of a virus has sent Dr. Rikki Kinn into the heart of Africa. She wants to find the source of the infection and stop it from spreading or occurring elsewhere. Unfortunately, it looks like someone has another plan in mind as mercenaries try to kidnap Rikki. The Dirk and Steele agency is called in to protect Rikki and now shape shifter, Amiri, finds himself back in his homeland, and back in the midst of a past he hasn't yet escaped. Will Amiri and Rikki survive when everything they hold dear is on the line?

THE LAST TWILIGHT is the seventh book in Marjorie M. Liu's long running series. It is best if you read the prior books to get the true feel as to what is going on as THE LAST TWILIGHT jumps headlong into some of the threads ongoing throughout the series.

THE LAST TWILIGHT is very action packed, almost overly so. It is very difficult to briefly summarize what occurs in the storyline without giving away significant spoilers as there is just so much happening. This is definitely the sort of book you want to read in large chunks as the plethora of characters and the constant switching of loyalties can become quite confusing if read in small increments.

Both the hero and heroine have tortured pasts and are hiding their own insecurities. I wanted happiness for them but for some reason that goal seemed almost elusive. Perhaps it was the discontent I felt as it was impossible to determine who could be trusted since the various characters popping in and out and switching sides had my head spinning at times. It's not so much that THE LAST TWILIGHT isn't a good book but rather that I wanted a happier ending for them. After enduring so much heartache and pain, Rikki and Amiri truly deserved their happily ever after to be exceptional.

Marjorie Liu has created a world that only gets richer and more fully developed as each book is released. I can't help but hope we see Rictor again as he was actually my favorite character in THE LAST TWILIGHT. Surely he is worthy of his own story as he definitely remains a mystery!

COURTESY OF CK2S KWIPS AND KRITIQUES

Very well structured book with clear examples. Serves good as a reference and starting point for network programers. Highly recommended book.

This book was the perfect reference manual for the busy network administrator that needs to quickly create powerful tools to enforce and monitor network security. From concept to implementation Schiffman will give you a thorough understanding of why and how to create open-sourced security tools that you can start using immediately. Using this book as a reference I was able to create a customized network sniffer and a few vulnerability analysis tools. Another great addition to my library that I highly recommend.

Books on hacking, cracking, exploiting, and breaking software seem to get all of the attention in the security world. However, we need more works like Mike Schiffman's 'Building Open Source Network Security Tools' (BOSNST). I regret having waited so long to read BOSNST, but I'm glad I did. Schiffman's book is for people who want to build, not break, software, and the way he describes how to create tools is enlightening.

The major theme I captured from BOSNST was the importance of creating useful code libraries. Six of the book's 12 chapters focus on libraries which provide functions for application programmers. While not all have gained the same amount of fame or use, the author's approach remains sound. Libraries are the building blocks around which numerous tools can and should be built.

This theme helped me understand the evolution of RFP's Whisker CGI scanner, released in Oct 1999 and deprecated in May 2003. Whisker lives on as a library, Libwhisker, in the Nikto Web server scanner. Similarly, Schiffman's chapter on Libsf mentions the utility of creating a library offering the functionality of the popular Nmap scanning tool. (Unfortunately, I haven't seen progress on this. Nmap author Fyodor last mentioned 'Libnmap' in his 2003 Nmap features survey, and it's not apparent in the tool's latest version.)

I found the six library chapters to be helpful. Some of the code has stagnated since 2002 (Libnids, Libsf), while some has continued to evolve (Libpcap, Libdnet, OpenSSL). Schiffman provides good explanations of buffer overflow and format string attacks in ch 10, and I thought his state machine-based port scan detector (Descry) in ch 11 was innovative.

One of the strongest sections of BOSNST is ch 12, where the author provides a 25-page code walkthrough of his Firewalk tool. This chapter is the model for anyone seeking to explain tool internals. Schiffman offers flowcharts, context charts, and explanations of code snippets. He doesn't simply dump page after page of C code in front of the reader. (Most chapters of BOSNST do conclude with the full source code for sample tools, however.)

I have no real complaints with BOSNST. I found minor errors in two diagrams (p 220, 223 should show the SYN/ACK or RST reply coming from the target, not to the target). Schiffman's writing style is clear and engaging, which makes a difference when explaining functions in code.

Those who want to learn how to assemble their security expertise in the form code libraries should read BOSNST. Those who wish to use the libraries found in the book, or those with similar functionality, should also read BOSNST. I look forward to Schiffman's next book, where hopefully he will finally update his biography to say 'AFIWC' (for 'Air Force Information Warfare Center') instead of 'AFWIC' (aka the UN's 'AFrican Women In Crisis' program).

This book was the perfect reference manual for the busy network administrator that needs to quickly create powerful tools to enforce and monitor network security. From concept to implementation Schiffman will give you a thorough understanding of why and how to create open-sourced security tools that you can start using immediately. Using this book as a reference I was able to create a customized network sniffer and a few vulnerability analysis tools. Another great addition to my library that I highly recommend.

If you don't read the man pages then this book is for you. After reading the glowing reviews I went out to purchase this book. I am extermely dissappointed. The lion-share of the book is merely API description. There are some neat examples in every chapter, but they are available on the internet... The end chapters of the book are well written concise summaries of known techniques and concepts (possibly the only redeeming component of the book)
After using libnet I was expecting something great from the man who wrote such an awesome library. Experienced programmers should use the man pages. If you're new to information security topics then you might find this book useful.
A newbie would be well served by this book.

This is a frightening preview of a very real, potential terrorist threat. Reading this exciting book in April 2003 provided a juxtaposition of Jiangxi Virus fiction and SARS fact, especially with SARS emanating from China and initial puzzlement in how the SARS virus developed. The book is well-researched, with interesting scientific explanations, a la Clancy, further reinforcing the credibility of the book's foundation.

Supercharged high tech action and a multi-national cast of compelling characters make The Jianxi Virus a captivating page-turner.

This is almost as scary as one of Stephen King's novels, BUT it could be true! Schlosstein has done his homework and readers will learn a lot about both China and bio-terrorism. Let's just hope and pray that it remains fiction and does not become fact.

This book will scare you almost as much as one of Stephen King's novels - BUT, it could be true! Schlossstein has done his homework and there is lots to learn about China and science inhis newest thriller. Just hope and pray that it remains fiction and not fact!

This book will scare you almost as much as one of Stephen King's novels - BUT, it could be true! Schlossstein has done his homework and there is lots to learn about China and science inhis newest thriller. Just hope and pray that it remains fiction and not fact!

Computer viruses are code. And this waste of paper would want to be a book on computer viruses without any viral code? You must be kidding me....

Peter Szor's book is definitely THE book any aspiring anti-virus researcher and computer security professional must read. It is very broad and information-packed, covering just about every single important aspect of computer viruses and anti-virus research. The book is very technical which, from my point of view, is a big plus - although beginners might find some parts of it daunting. This is definitely no "viruses for dummies" book. In the field of computer viruses and anti-virus research, this book is what Donald Knuth's Art of Computer Programming, The, Volumes 1-3 Boxed Set (2nd Edition) (The Art of Computer Programming Series) is for computer scientists.

The only gripe I have is that it is perhaps not deep enough. While every important aspect of viruses and anti-virus defense is covered, some of them are not covered deeply enough. This is not the author's fault but the publisher's. Originally, the author intended to write two separate volumes (one dedicated to computer viruses and one dedicated to anti-virus defenses), covering in depth every aspect of these two areas. However, the publisher imposed size restrictions on him. Although the book is rather thick (700+ pages), the space is still not enough to cover in sufficient depth every important aspect of this field.

However, each chapter contains references for further reading and the interested reader can do their own research of the aspects that are not covered deeply enough.

In summary: excellent book, useful both as a textbook and as a reference. Great read, information-packed, useful. Just don't expect to find any "how to write a virus" recipies there - fortunately, the author went to great lengths to avoid them.

As a relative amature in the subject of computer viruses, this book was very helpful. With a little background in basic computing, you can easily understand this book. The book starts off simple virus from back in the day, describing the first viruses to appear. The book then goes into detail about the more advanced forms of virus infections and viruses to appear on more modern systems. After reading the book, i came away with a new respect for the art of self replicating code (aka Virus), and the techniques that virus researchers use to develop software to protect your PC from these threats.

I was wondering in the bookshop trying to find some in-depth books on Computer Virus and Network Security and suddenly I came across this book. In a few pages the book lit up my eyes and the author successfully attracted my attention and I was simply amazed by his solid background and rich knowledge and also his effort in presenting all the materials in an orderly and logical way that has successfully flatten the learning curve for people fresh to the area.
Well, some people may complain that this is a disappointing book in that it hasn't gone far enough to illustrate the necessary virus writing skills and they believe only in this way can one speciallized in virus defense benefit most. Again, this is not the truth as far as I see. If one simply want to write virus by following existing codes he can only gain a narrow horizon by focusing upon one or two popular virus. But as the old idiom goes, you will miss the forest by seeing a tree only. New virus are produced by those high-intelligent poeple everyday and promises to continue to come in the forseeable future. New technologies too, emerge and then disapper with the patch or hot fixes. But as long as you have a comprehensive knowledge of the basic of virus research and defense you will never lose in this battle against virus. I think the author has trying to model his book to be some thing beyond the mere technology collection but to present to us how one might equip himself with the fundamental knowledge of the virus's history, main ideas, or even try to give definition in some places. So this is why the author names his creation to be "Virus research & defense" instead of "virus writing & defense". And as far as I see, his attempt has been a huge success.
And what's more, even for people who are crazy about writing virus this book is not such a disappointment. It incorporate many code snippet into the book and these code has actually reveal the dark side of the virus and one smart enough and with some knowledge in coding will be able to rebuild the complete viruses. Those who complain about the lack of virus writing skills might better try to figure out the reason in themselves. Anyway, there are a lot of sample virus within your easy reach on the internet. So why take the trouble to reproduce it here?
And finally I would like to show my thanks for the great effort Peter has spent on this book. For me this book has brought to me great pleasures and it has helped to orgnize my knowledge about computer virus in a more systematical manner. For those either new to the area or those professionals this is a must read and you shouldn't miss it.

If you are interested in historical details about viruses/malware, if you are searching for details about various techniques getting used by malicious software and if you are interested how people in the AV industry work... This book is definatly THE reference. Peter, a very competent virus researcher, who is known through his various articles in the Virus Bulletin magazine shows you all the techniques you need to analyse, to detect and to remove malicious software. His technical overview includes the entire history of computer viruses and is written in a very impressive and entertaining style. While I have read many books and articles about exploiting software, he also serves the most understandable definition of exploiting techniques like the classical stack overflow etc. I must say that his style impressed me so much that I read through the book in one day, something normally happening to me when reading thrillers of James Patterson. But this book is so well written, that you can rarely lay it out of your hands. You just want to know where Peter leds to, the next step in the voyage through the malicious world of computer viruses and malware. This book is geared through everybody trying to understanding what's happening in the malicious code polluting the Internet. For me well worth the money I spent on it.

I decided to read more about C.J. Peters after I concluded The Hot Zone; finding myself infatuated with this semi-mysterious, tropical-shirt wearing military officer and virus researcher. I was fascinated by this man whose experience and research will and has changed history.

Despite the unmatched experience, education and brillance of C.J. Peters intellect, I found the tone of this book suprisingly "down to earth" Peters is clearly a scientist who an experienced mentor. I sensed he does not see how extraordinary his life is; only that he is aware he is a man who has pursued his passion.

Having recently read both The Hot Zone (marburg), and Preston's Demon in The Freezer (smallpox), I felt I comprehended the power of airborne virus'. What I gained from Virus Hunter was just how much research, time and passion it takes for scientists to learn about these diseases. The intensity of virus research and trying to save human lives makes for an extraordinary read, particulary from the first hand accounts of a true virus hunter (I found his character truly translates to an Indiana Jones of the viral world...pursuing his subject deep into Brazil, the Sudan, and Virginia...)

Peters shares experiences including communication attempts with people around the world, and a need to relate to their lives. He wrote of adventures trying to reach rural locations in South America. He also respectfully recounts the stories of other scientists who succumbed to virus' illness, and the need for the research community to see these deaths as something to hold in mind while seeking a cure. Clearly attaching specific individuals (whether lab researchers, or individual unnamed patients who he watched die) as representatives of why cures MUST be found.


The only lull in this book is about 3/4 though the early chapter about the Four Corners outbreak, the initial story was intiguing (and as you will see ties distinctly into the entire theme of the book), however, it did drag. This was the ONLY slow part of this book. The rest was amazing.

C.J. Peters is the kind of scientist you want to sit, and UNDERSTAND what he sees and learns. He can easily communicate with the average person, and with those at the highest level in military and intellectual leaders. I so wish I had such a passionate scientist who has as much respect for women biologists as men; a scientist whose infectious (pun intended) passion raises everyone sense of curiousity about the subject he teaches. I believe more educators with his passion would produce more passionate scientist, and people willing to take on the overwhelming accomplishment of achieving a biology degree at University.


I would strongly, strongly recommend this book to anyone with any sort of interest in biology, disease, virus, or just anyone who enjoys a terrific adventure.

The sharing of his personal details, and the mating habits of top scientists (they date among their own kind...) added a true depth to his storyline.

I found this book utterly brilliant. The clear message is everyone must be aware of the dangers of viral disease, the serious nature of these illness' which are not classified as bacteria...nor parasitic. Also, the tight budgets created for medical research are truly a danger to the future of our health and those of developing nations.

While I was eating dinner the other night, I was deep in Virus Hunter, reading the descriptive details of what Ebola does to the human body. The thought suddenly struck me...I am eating and reading about subcutaneous hemorrhaging without even a blink...

Now THAT is a good book!

Everyone who is interested in life threatening diseases has come upon the name of C.J. Peters, a leading figure in epidemiology for at least 20 years. So, when i saw the book i bought it just to get an insight of the man himself. What i found was an inspiring manifest of how ''the job gets done'', written by a deeply stuborn, sensitive and respectfull scientist. It is not only a fine book on emerging diseases, it is also a call to medics and politicians alike to enlist to one of the most important, yet underated, scientific fields. Don't miss it.

An excellent book!
This books reads like a thriller as the authors take the reader from one hot zone to another. My appreciation for the bravery and humanity of individuals who do this has increased manifold after reading this.

I extremely enjoyed Dr. Peters's book. The only thing that I can argue with him about is in the chapter titled Cochabamba, when he describes Bolivia's geography he makes a mistake. I expect that he got confused, but he said the that the Kollas live in the lowlands of Beni and Santa Cruz and the Cambas in La Paz and the high altitude Altiplano. Well, the truth is that Cambas live in the lowlands of Bolivia and Kollas in the highlands. Otherwise I found the book very good and entertaining. I recommend everybody to read it, but to remember the Camba-Kolla explanation.

The maps of South America & Africa were confusing - they put a lot of effort into identifying most of the Countries, but many of them didn't feature in the text, so why give the Geography lesson?

The 20 photographs were of some interest, but there was only one photo of a patient with symptoms, and only one of a virus - I wish there'd been more of those and less of head & shoulders like having a meal and daughter's high-school graduation?

Great disappointment - absolutely no Index!

The penultimate Chapter 11 gives a prediction of Avian Flu originating in Thailand - just what we're getting news about this month (Jan 2004) - but this book was published in 1997. Given the age of the book, its probably not surprising that Chapter 12 is very out of date (as in 'wrong') regarding its description of BSE (Mad Cow Disease) & CJD.

Was it necessary that we be told what the wife of the 'ghost writer' does for a living?

The book teaches all that one wanted to know about computer viruses & vaccines. It also teaches how to write good assembly programs in a simple manner. Buy this book and you won't be disappointed!

I tested a few of these programs for effectiveness on a Win95 and 98 (not 98se) machine. Wow, i was impressed at the speed and efficiency of the given code!
I have programmed in assembly, and this taught me a few tricks i hadn't seen before. Who knew that u could reach hidden functions in kernel32.dll?
Not I, not until now. I highly recommend this book for the curious, advanced, and master programmer alike.

You will learn the structure and power of assembly based virii, and how (if you think about it) to defend against them. A great little gem if you want to know how bad you can 'get it'.
hope this helps

This book was written over ten years ago, so obviously you are not going to read it and be on the cutting edge of virus writing and protection at this point. However, this book is still an excellent one for those who want to learn the ins and outs of Windows systems programming including how your computer can be controlled/manipulated using some assembly language and the operating system as it already exists. Basically, the author is using the subject of viruses to educate you on the fine points of assembly language programming for the PC without you knowing it was ever happening. I highly recommend it. However, as other reviewers have already said, the book is now free online, so don't pay some ridiculously high price believing its contents are a rare find.

This book is written to be accessible to anyone with a little experience with assembly language programming, or to anyone with any programming experience, provided they're willing to do a little work to learn assembler. Actually, this book acts as a pretty good tutorial on assembly language programming itself. The book is broken down into three parts. The first section discusses viral reproduction techniques, ranging from the simplest overwriting virus to complex multi-partite viruses and viruses for advanced operating systems. The second section discusses anti anti-virus techniques commonly used in viruses, including simple techniques to hide file changes, ways to hide virus code from prying eyes, and polymorphism. The third section discusses payloads, both destructive and beneficial. The following is the table of contents.

Introduction
Computer Virus Basics

PART I
The Simplest COM Infector
Companion Viruses
Parasitic COM Infectors: Part I
Parasitic COM Infectors: Part II
A Memory Resident Virus
Infecting EXE Files
Advanced Memory Residence Techniques
An Introduction to Boot Sector Viruses
The Most Successful Boot Sector Virus
Advanced Boot Sector Techniques
Multi-Partite Viruses
Infecting Device Drivers
Windows Viruses
An OS/2 Virus
Unix Viruses
Source Code Viruses
Many New Techniques

Part II: Anti-Anti Virus Techniques
How A Virus Detector Works
Exercises
Stealth for Boot Sector Viruses
Stealth Techniques for File Infectors
Protected Mode Stealth
Polymorphic Viruses
Retaliating Viruses
Advanced Anti-Virus Techniques
Genetic Viruses
Who Will Win?

Part III. Payloads for Viruses
Destructive Code
A Viral Unix Security Breach
Operating System Holes and Covert Channels
A Good Virus
Appendix A: ISR Reference
Appendix B: Resources

Ok this book is about computer viruses but for those of us who have no intention of writing viruses, this book can teach quite a bit about system programming. The aurthor is clearly a very good programmer and he is able to teach the subject well.

Mr Ludwig, I think you should consider writing "under the hood" articles for the benefit of other programmers.

This book is a classic exposition on the programming of computer viruses. I concur with the other reviewers in that this is the best book ever on the subject (it is likely the only book on the subject from my searches). The first edition of this book is free to download from the publisher's website (search for American Eagle Publications in Google because Amazon.com won't let me put the URL) (it requires you to register but that is free too) along with the Little Black Book of Computer Viruses and lots of other information. THIS BOOK CAN STILL BE PURCHASED NEW FROM THE PUBLISHER'S WEBSITE for forty dollars, so don't order an overpriced used copy from Amazon.com (at the time of this writing, some jerk was trying to sell it for over one hundred dollars used! What a rip-off!).

Ray Brown, a recovering alcoholic and computer genius is about to become either a hero or a villain. The choice is his.

Dianne Morgan is the CEO of one of the top two software companies in the world; and she is enraged by the government's humiliating decision in an anti-trust trial. She's also a member of The Domain, a group of computer programmers dedicated to taking control. . .of the world. They collectively have designed "PeaceMaker," a virus built into the most popular computer operating system in the world. Its function: to overtake 90% of the world's computers and cause a disaster, to which Dianne Morgan and company can miraculously appear and offer help.

Morgan recruits Brown, a former lover, to help her, though Brown distrusts her motives. He agrees, if only to prohibit implementation of the plan, because he has seen one of the possible effects of the program-the personalized computer of his eldest son, David, is infected, and it is in the process of destroying the young man's mind - and ultimately his life.

But another company knows about "PeaceMaker," and its goal is more sinister than Morgan's company.

Morgan proves to be a sympathetic character at times, but for the most part, she's psychotic and controls men with blatant sexual advances.

The other female supporting character also turns out to be morally corrupt and enjoys participating in sexual activity in front of an audience.

The portrayal of these two women, at times, reads like a letter to Penthouse, and it almost caused me to quit reading the book. The scenes did not add to or move the plot forward, and their deletion (i.e. ignore them) actually propels the fast-paced action forward at a more appropriate pace.

The sexual content aside, the book is a fascinating look at a possible future, with scenarios caused by fanatical idealists (terrorists). The premise is thought provoking and disturbing-what if?

Ray Brown is a grand hero, a flawed man who manages to rise above his self, and in spite of those who want to see him fail, perseveres. I rooted for this nondescript character to overcome the odds, and that's what makes a novel worthwhile.

In the end, I was glad I didn't fling the book across the room in exasperation at the gratuitous sex scenes.

The story is ideal for the big-screen, and I wouldn't be surprised at its success under a sharp screenplay adaptation.

Bottom line: Intrigue, slightly futuristic, plausible storyline with a likeable hero.

The author, Dan Ronco, brings to the book his experience with Microsoft and other technology companies at the senior management level. His background in research and product development, as well as knowledge about existing software gives "PeaceMaker" above-average credibility.


Interview with Dan Ronco
by Dian Moore

DIAN: I've found some of your biography online, and I know you are well-versed in software design and implementation and hold not one, but two Masters' Degrees: Nuclear Engineering and Computer Science. I read you once designed submarine nuclear reactors, but then moved on to the world of software design, research and development. What prompted the change?

DAN RONCO: I discovered that I enjoyed software development much more than reactor engineering. I was hooked the first time I wrote a computer program. I'm still hooked.

DIAN: What was the seed that planted the story of "PeaceMaker" in your imagination?

DAN RONCO: The inspiration for the story came from the rapid growth of worms and viruses throughout the 1990's. As you may know, Microsoft was and continues to be the primary target of virus writers due to the popularity of its software. My mind focused one day on worst case possibilities and I realized the danger of a sophisticated virus to Windows, which is the platform for much of the information processing across the globe.


DIAN: The story that unfolds in "PeaceMaker" is one that I can see coming to fruition as technology continues to advance. What are your thoughts? Do you see terrorism by software as an impending threat?

DAN RONCO: Yes, software terrorism is already a threat, and it will become even worse over time. When a virus attacks Windows, someone has to detect and report the problem, other people have to develop and distribute a fix, and millions of users have to apply the fix. A relatively slow process, but it works as long as the virus isn't too destructive, doesn't spread too fast (or secretly) and doesn't evolve too rapidly (the fix won't work if the virus can change tactics). In "PeaceMaker", I envisioned a fictional virus attack that exceeded these parameters. At some point within the next decade, a terrorist may be capable of launching such a sophisticated attack.

DIAN: How much of Ray Brown's character is that of your own?

DAN RONCO: I share Ray's love for technology and his sometimes quirky sense of humor. The rest - the intellectual brilliance, hard-edged intolerance, alcoholism, and infidelity - is not uncommon in such a high pressure occupation as information technology. Ray is a composite of several people I've worked with in the industry, with just a dash of myself.

DIAN: "PeaceMaker" is your first novel. How did you go from technology guru to writing a book, and what process did you use to get into the heads of the characters?

DAN RONCO: After more than two decades in the IT business, I felt that it was time to do something else. Although I loved the work, 70 hour weeks and heavy travel take a toll. Besides, I had been thinking about writing a novel for years, but hadn't made much progress. It was time to choose. So I quit my job and concentrated on writing.

The characters are composites of people I've met over the years, often taken to the extreme. As a consultant, I have had the opportunity to work with all types of people - from CEO's to IT professionals to assembly workers in the line. I began "PeaceMaker" by defining the core characteristics and motivations of the lead characters, then let them drive the story.

DIAN: As part of the story in "PeaceMaker," some pretty evil villains surface with advanced weapons and they aren't afraid of killing. Your background lies mainly in intellectual expertise, including technology. How did you research or determine how the violence would play out?

DAN RONCO: I had an advantage - if you want to call it that - growing up in Newark, NJ. Violence was all around. Understanding the motivation, capabilities and limits of the more violent characters was a survival skill. This may be surprising, but violence is not unknown among IT professionals. I've seen fights break out and chairs tossed through windows! I supplemented my experience with research into terrorism, since Dianne and her group were, at core, software terrorists.

DIAN: How long did it take to write "PeaceMaker?"

DAN RONCO: Approximately four years, although not on a full-time basis. During that time period, I developed a fairly detailed outline for all three books in the series and prepared a preliminary draft of the second book, in addition to completing "PeaceMaker".

DIAN: With the success of this first novel, what lessons have you learned as a writer, and what changes would you make if you could start over?

DAN RONCO: When I started, I had no idea how difficult it is to write well. I thought that once you had the concept for the story, the words would just tumble out of your mind onto the page. Man, was I wrong. I just went over to my bookshelf and counted the number of books on writing that I own. Thirty-seven books! Add to that the countless hours I've spent analyzing other writers' work, attending my writer's group and rewriting my own work. Extremely difficult, but what a feeling of satisfaction when you get it right.

DIAN: "PeaceMaker" has been touted as the first of a trilogy. Will the characters from this book also be in the others? What are the next books about?

DAN RONCO: The "PeaceMaker" trilogy dramatizes the question: how much technology is too much? The first novel, as you know, illustrates the consequences of a runaway, lethal computer virus. "The Army of God," set in 2022, considers the meaning of being human as artificial intelligence begins to approach human intelligence. The last of the trilogy, set in 2025 and tentatively titled "Tomorrow's Children," considers the risks and benefits of genetic engineering. The lead characters - Dianne Morgan, Ray Brown and his son David - appear in all three books. New characters also populate in each book.

DIAN: My only complaint with "PeaceMaker" was the graphic depiction of the female characters as immoral, Penthouse-type figures. In my review, I make brief mention of that, and I re-read over those sections of the book with those parts concealed to see if they were necessary. I found they were not necessary to the plot movement, and they tended to slow the story down. As a female reader, I felt insulted and let down that no ordinary, moral women played a part in the story. Why did you include those devices in the story?

DAN RONCO: I assume you're referring primarily to Dianne Morgan. Although she has many admirable qualities, Dianne is the chief villain of the trilogy. Ray is attracted to her because of her intelligence, determination, charisma and, yes, her sexuality. Although Dianne admires Ray, her feelings for him are a distant second to her drive for power. The twisted attraction between these two is not resolved until the last page.

The supporting female characters vary in character. Among the more honorable are Nancy, Ray's former wife, and Linda Tidesco, a top software developer.

DIAN: Can we look forward to a likeable female character in future books?

DAN RONCO: I believe you'll like Kathy Bauman, as well as her lover, David Brown. Kathy and David swim through a sea of predators, both male and female, in "The Army of God."

DIAN: I'm definitely hooked on Ray Brown and techno-wars, and overall I give this book a 3½ out of 5 stars rating. I feel, with very little effort, your next book(s) has great potential to succeed in both the science fiction and thriller genres, and that "PeaceMaker" would be adaptable to the big-screen. Are there movie plans?

DAN RONCO: I'd love to see "PeaceMaker" on the big screen, but nothing is in the works yet.

"Peacemaker" by Dan Ronco, is the first in his sci-fi thriller series. I read the second book, Unholy Domain, first and gave it 5 checks. His last, "Tomorrow's Children", will be out in the spring of 2009.

On Dan Ronco's website, DanRonco.com he says he came up with the idea at work. At the time, he was a general manager at Microsoft. I thought "Wow, a book about Microsoft's goal of being the only software in the world!" However, it is not. It's better!

I'm not going to summarize the plot, there are many other reviews that already do that. But I will say the two competing operating systems are Atlas and Companion, similar to Windows and Apple/Mac. The software systems and an anti-trust lawsuit by the government are the only similarities to the Microsoft and Apple.

Peacemaker has a subtitle, A Thriller, and that is dead on! I read in one day, a Sunday, and it was an exciting and fast-pace story. The writing was not as smooth as the second book as there were spots that repeated itself; however, it did not take anything away from the up and down suspense of the plot! Even though I know what was going to happen from reading the second book, it drew me in and captivated me.

Piers Anthony wrote: "Exciting, violent, thoughtful, and unfortunately true to life...a powerhouse of computer adventure."

I definitely will be in line for third book, "Tomorrow's Children".

I finished this book within 24-hours. I almost finished it in one sitting. I was captivated by the interesting and fast paced nature of the plot. The storyline was simple enough, but believable enough to be scary. I am a "hard" science fiction junkie, and I liked how this novel had an element of "hardness" to it, but was not overly complicated with details and really focused on moving the plot forward and creating complicated situations for the compelling characters.

I found the characters to be likable, but obviously flawed. The female characters simply oozed sexuality at every encounter. With the background and preliminary story developed for each character in the opening chapters, it was easy to follow and believe in each move they made and their motivations were expected and not randomly generated.

This book met, and exceeded, my expectations for a first novel. It was short, easy to read, captivating, and unique (which is probably the most important). It was not only unique in the idea of the computer software virus, but unique in the direction that the story heads afterward. It's one thing to create a world shattering event, but it is another thing to take that story in a direction that will become more interesting, both of which Ronco excels in doing. Using the analogy of a post apocalyptic book, I would not want the apocalypse to be the most interesting part of a book. You want the characters reactions and the story of their survival to be the most compelling, which "PeaceMaker" achieves in its own right. The "PeaceMaker" virus is just the tip of the iceberg. It is everything else that makes this book worth reading.

I look forward to the rest of this series (I think I read it will be a trilogy) and more to come from Dan Ronco. I'm glad I got in early in his writing career.

Highly recommended. This book was a breath of fresh air compared to the massive numbers of like-minded, similar stories that are churned out each week.

J.Stoner

"Peacemaker" is the debut novel by author Dan Ronco. Ronco has experience in the software industry so it is with personal knowledge and experience that he crafts the story of artificial intelligence and the future of the technology industry. Ronco presents this novel as what could be a worst case scenario with software terrorism and a future where this could be an issue as serious as nuclear war.

Dianne Morgan is the CEO for VantagePoint Software, the maker of Atlus, the most popular computer operating system in the world and one which is in nearly ninety percent of the world's computers. This obviously brings to mind a company called Microsoft. Morgan brought to trial by the United States government in an anti-trust lawsuit and her company is broken into smaller companies. This is something that has happened several times in our nation's history. Her revenge is to unleash a computer virus called Peacemaker. Peacemaker has the capability to infect and shut down nearly every computer on the planet. Her goal: nothing less than global domination. The only man who can stop Peacemaker is Ray Brown, a software developer who helped make Atlus the most popular piece of software on the planet.

The novel becomes something of a cat and mouse game as Ray stumbles across Peacemaker and learns of the scope of this virus which is so sophisticated that it is an artificial intelligence. Dianne Morgan is preparing to unleash Peacemaker on the world and while she needs to stop Ray she also wants to convert Ray to her side since they share a past together.

The concept behind "Peacemaker" with the ideas of software terrorism and the artificial intelligence and just the scope of the issue is fascinating and helps the reader press on through the book because I certainly wanted to know how things played out. The problem is the writing and the characters. The characters seem to be mainly one dimensional and Ray's inner struggles regarding his alcoholism seem somewhat childish. The other characters are not any better and most are even more one dimensional. Before each chapter there is a one or two quotes from a future newspaper or novel regarding some of the characters. What this does is let the reader know a little bit how the events of this novel will play out and affect the world years down the road. It kind of takes some of the tension out of the book.

Ronco has a good deal of potential as an author because he has one very important gift that can't be taught: the ability to come up with a very interesting story idea. I have no doubt that his skill as a writer will come as he continues to write. "Peacemaker" was a very fast and easy read, but it is not without some serious flaws in the execution of the novel. It is difficult to recommend "Peacemaker", but the positive is that the concept behind the novel is a good one.

-Joe Sherry

In the interest of full disclosure, Mr. Ronco wrote me and asked if I would be willing to read and review this book. No promises were asked or made as to what I would say about it. My basic problem with the story is that the characters are not fleshed out very well. We find them already formed, already bent on trying to introduce PeaceMaker to the computers of the world or prevent it from happening, depending on the character. The character of Dianne is far too manic in her mood swings to be believeable, just for starters. Her motivation is said to be the humiliation she received when held in contempt by the court at the anti-trust trial involving her computer company. If so, her reaction is extreme and otherwise unexplained. The book reads more like the outline of a larger book in which there is an interesting story to tell if done right. It just does not get done very well.

Ah, sweet revenge. His letters made me laugh so hard and I can't help but wonder what the person on the other end was thinking when they read them (if they did). Hilarious, a must read.

The curse of the electronic age, SPAM eventually forces its way into the life of anyone with an email address. While there are many books and articles about how to reduce this problem, Jonathan Lund has taken his own personal war back to the spammers. Instead of just deleting the emails he responds to them. Of course he doesn't respond quite the way the spammers expect. His responses are an attempt at humor and wit that often falls short of the mark, but then again at times is absolutely hysterical.

Particularly funny is his correspondence with people who are naive enough to accept his satirical comments at face value. His correspondence with textile manufacturers and the infamous Nigerian money launderer is brilliant.

With writing that covers the whole range from a poor attempt at humor to laugh-out-loud funny, to bizarre, the reader is sure to find several emails entertaining no matter what your preference in humor. The Spam Letters is a recommended read.

Have you ever wanted to "strike back" at the spammers and the con artists? If so, you'll enjoy The Spam Letters by Jonathan Land (No Starch Press). This is a funny read...

Chapter list: Introduction; Products for Prey: Part 1; Foreign Affairs: Part 1; Spam Potpourri: Part 1; A Quick Buck; Interlude: Bad Impressions; Products for Prey: Part 2; Foreign Affairs: Part 2: Nigerian Scam Artists; Sex Sells; Spam Potpourri: Part 2; Warning/Disclaimer: Do Not Try This At Home

This isn't a book that is going to give you any technical insights or strategies for dealing with spam. Actually, it *will* give you a strategy... yank their chains... HARD!. Land has taken various spam emails he's received (or that have been forwarded to him by co-conspirators) and let his warped creative writing skills loose. Some of his efforts were more for his own benefit, as it was obvious that the return address was not going anywhere that was real. But his real classics were with real emails who decided to scam or spam the wrong person. His exchange with the fabric wholesaler in the middle east is funny. The series with the stainless steel broker is just plausible enough to be real (and the broker played along well). The best efforts were reserved for the Nigerian scam artists. His scenarios of playing off scammers against each other, asking for bigger cuts, and playing the role of both financial advisor and committed asylum patient gives any reader who has received one of these emails a vicarious thrill.

This is an excellent recreational read, but I probably shouldn't have opened it. I'm just warped enough to think I could do this too... :-)

Author Jonathan Land actually has running dialogs with spam writers, published in such prestigious places as New York Times and Entertainment Weekly, so it's not surprising The Spam Letters provides such a delightful package bringing all the dialogs to one place, under one cover. Land's favorite exchanges with spammers are a laugh a moment- and all too real - making The Spam Letters that perfect gift for the serious computer geek who 'has everything' but too much humor.

This is one of those books that everyone should read - so that we can all vicariously through Jon Land's dive into the land of spammers... and in agreement with others - catching him on NPR is more than a treat - its an addiction waiting to happen (think chocolate).
For the geek and for the not-so-geekish, this book serves as a living history of the frustrations we all have felt when dealing with SPAM. Mr. Land just found a great way give some of that frustration back to the SPAMMERS - and to give us geeks something to chuckle about when reading about V|AGRA or the fortunes that await us in Nigeria... and we can take comfort in knowing that we're not alone in out frustrations.
Thank you, Jon!

This is a truly great introductory security book. It does a very good job in explaining the basics for those that might be new to the topic of security, and manages to do so without the gross oversimplifications that are all to common in books aimed at the uninitiated. While this is definitely more of an introductory text, I was very happy to see good coverage of topics such as encryption and biometrics, and even an appendix covering TEMPEST. A truly great book for learning security concepts. I'm going to look into switching the present text for this one in one of the introductory security courses that I teach.

It's a good book for starters. Covers security concepts pretty well even for it's age being published in 1991 I believe. There's a lot of history and references. The author definately did her research. Other than being a starting point there are a lot of other good books out there to fill in the blanks and pickup where Computer Security Basics leaves off. Plus, you can read this book in a week or less.

It still surprises me how many of my information technology colleagues still have no clue when it comes to computer security. This particular book is one I'd feel really good about when it comes to a recommendation to get them up to speed on the subject... Computer Security Basics (2nd Edition) by Rick Lehtinen, Deborah Russell, and G. T. Gangemi Sr.

Contents:
Part 1 - Security for Today: Introduction; Some Security History
Part 2 - Computer Security: Computer System Security and Access Controls; Viruses and Other Wildlife; Establishing and Maintaining a Security Policy; Web Attacks and Internet Vulnerabilities
Part 3 - Communications Security: Encryption; Communications and Network Security
Part 4 - Other Types of Security: Physical Security and Biometrics; Wireless Network Security
Part 5 - Appendixes: OSI Model; TEMPEST; The Orange Book, FIPS PUBS, and the Common Criteria
Index

While not a technical "how to" manual, this book does a great job in dealing with technical issues and concepts. Pretty much all the significant issues surrounding computer and technology security these days is covered in sufficient detail to allow for a functional understanding of the topics. For instance, the chapter on viruses would allow even the most clueless techie to grasp the problems. The authors distinguish between viruses, worms, trojan horses, bombs, and other various nasty surprises. The history is valuable to understand how we got into this condition, and by the end of the chapter you'll know what you need to do to start to combat the problem. From there, you can dive into the more technical details of any one of the areas that pertain to your particular situation.

For a subject that could be painfully dry without much effort, Lehtinen et al. do an admirable job in keeping the reader engaged and involved. If you're trying to educate someone who hasn't kept up with the topic of computer security, this would be a very good starting point...

The problem all computer books have is that they are almost out of date before they reach the bookstore as things change so quickly and unfortunately this 10 year old book, although okay for the casual reader who may want an understanding of security generally, is a dinosaur concentrating on old technologies, orange book concepts and not even touching on modern problems like distributed denial of service, e-mail viruses etc. Very disappointing for an O'Reilly book. An update is long overdue.

This book is the long awaited second edition of a classic book in basic computer security. It is an introduction to the field, not a technical reference. If you need details on a particular aspect of computer security, you should refer to another more specialized book. Since Amazon does not show the table of contents, I review this book in reference to its table of contents:

Part I, SECURITY FOR TODAY
Chapter 1, Introduction
Introduces computer security: what it is and why it's important. It summarizes the threats to computers and the information stored on them, and it introduces the diffe