Reverse engineering malware
  • #1

    I teach a course in computer security and would like to be able to "turn loose" a real virus/worm. The students would then analyze the traffic on the lab network and identify the malicious content and take steps to mitigate the risk.....but, I have no idea where to locate this type of code or even how to go about doing something useful with it. I would really appreciate it if anyone could point me in a productive direction.

  • #2
    Originally posted by skubinnada
    I teach a course in computer security and would like to be able to "turn loose" a real virus/worm. The students would then analyze the traffic on the lab network and identify the malicious content and take steps to mitigate the risk.....but, I have no idea where to locate this type of code or even how to go about doing something useful with it. I would really appreciate it if anyone could point me in a productive direction.
    And you teach the course?
    Answering easy questions since 1987
    If God is for me, who can be against me?


    • #3
      It's good to see that there is a smart ass in every forum! Long story, but relatively new to the security field but placed in a teaching position....military, go figure.



      • #4
        Originally posted by skubinnada
        It's good to see that there is a smart ass in every forum! Long story, but relatively new to the security field but placed in a teaching position....military, go figure.
        if you spend a little time reading these forums you'll find a lot of smartasses, the reason he asked is because even though you have a story your true intentions are not known
        "Fundamentalism: It's how you get all the mysteries of the universe to fit on a bumper sticker"

        --Howard The Duck



        • #5
          You probably will not find someone willing to provide you with code in this forum for worms, virii, etc. However, if you are going to be doing research in worm propagation, infection vectors, etc, you should be able to find lots of resources available publicly. There have been a few programs out there that have source code available that can do what you are talking about.

          Your best bet is to do some looking into recent virus/worm trends and check out sites like http://isc.sans.org for write-ups and analysis into those trends. Good luck with your research and teaching.
          Either learn or leave.


          • #6
            I figured that thought process would be a problem. Lots of weak excuses for wanting knowledge of how the code works.....But when you are in a position like mine and people are reluctant to help for obvious reasons, how am I supposed to go about learning?


            • #7
              Look around vx.netlux.org its got tons of info on virii and such. Hope that can help you.



              • #8
                Originally posted by skubinnada
                I figured that thought process would be a problem. Lots of weak excuses for wanting knowledge of how the code works.....But when you are in a position like mine and people are reluctant to help for obvious reasons, how am I supposed to go about learning?
                The trick is to figure out the code words. Then do Google searches on them. For example, a "NetBIOS" search will yield good resources on the protocol, and "enumeration" will give you a lot of mathematical information. Now combine the two, "NetBIOS enumeration", in a Google search, and see the good stuff you want surface.

                Try to figure out how people refer to things in the security world, using commonly used TLAs and/or standard English, and apply this to your searches.

                You mentioned malware and how to get its internal source code. So you already have the ingredients, now all you have to do is mix. Here's a good Google search: "malware source code".

                Also mentioned was how to use this data or reverse engineering the code to better understand it. Let's mix these ingredients. Google search "reverse malware".

                NOTE: All three Google searches above are extremely relevant to your concerns; further assistance should be provided by Google exclusively :surprised
                "Never Underestimate the Power of Stupid People in Large Groups"



                • #9
                  Originally posted by skubinnada
                  It's good to see that there is a smart ass in every forum! Long story, but relatively new to the security field but placed in a teaching position....military, go figure.
                  I'm not a smartass, but I am a dumbass, and I too question your origins.

                  In order to be a teacher in the US, aren't you required to have teaching credentials? Don't those require going to college? A library is a good thing. I really can't understand how people can graduate from college and then continue to get a teaching credential without knowing something about getting around a library. There are things called "author, title, subject and keyword" searches available at any modern library. I wonder what you would find if you search for keywords "computer virus" with the LC?

                  One older example is from a professor who teaches or at one time taught in AZ. Maybe a search for "Mark Ludwig" as an author/professor may be of help at your library. (One of his books even comes/came with old samples on floppy disk.)

                  If you want to build a worm with "source code", plenty of examples of payload-less worms can be found with the help of Google. There are even sites that have archives of old viruses/worms if you use the power of a search engine. If you don't want the code, then find old copies of Windows XP, or 2000 or 95/98/ME without SP and updates and leave them exposed to the Internet.

                  You can even quarantine viruses with most modern AV software, if you choose to.



                  • #10
                    Originally posted by TheCotMan
                    In order to be a teacher in the US, aren't you required to have teaching credentials?
                    Not in California.
                    Did Everquest teach you that?



                    • #11
                      If you are interested in your students checking out 'malicious traffic', try looking at something like SNOT ( http://www.l0t3k.org/tools/IDS/snot-0.92a.tar.gz ) or Stick. They take SNORT signatures and replay them on the wire.

                      I return whatever i wish . Its called FREEDOWM OF RANDOMNESS IN A HECK . CLUSTERED DEFEATED CORn FORUM . Welcome to me

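Post #11 describes tools that take Snort signatures and put matching traffic on the wire. For the classroom half of that exercise (students recognising which captured payloads a signature describes), the following is an added example, not code from this thread nor from the SNOT or Stick projects: a small Python matcher that parses Snort-style rule text, expands `|hex|` content escapes, honours the `nocase` modifier, and runs the rules over a few packet payloads. The rules, SIDs, messages, ports and payloads are all constructed for illustration and are not real ruleset entries.

```python
import re
from dataclasses import dataclass

# Constructed Snort-style rules for a lab exercise (hypothetical; not real ruleset entries).
SAMPLE_RULES = [
    'alert tcp any any -> any 80 (msg:"LAB web shell probe"; content:"GET /cmd.exe"; nocase; sid:1000001; rev:1;)',
    'alert tcp any any -> any 445 (msg:"LAB SMB header on 445"; content:"|FF|SMB"; sid:1000002; rev:1;)',
]

# Constructed packets as (protocol, destination port, payload bytes).
SAMPLE_PACKETS = [
    ('tcp', 80, b'get /CMD.EXE?/c+dir HTTP/1.0\r\n'),   # case differs; nocase should still catch it
    ('tcp', 80, b'GET /index.html HTTP/1.1\r\n'),        # benign request, no rule fires
    ('tcp', 445, b'\x00\x00\x00\x2f\xffSMBr\x00'),       # carries the 0xFF 'S' 'M' 'B' header bytes
    ('tcp', 8080, b'GET /cmd.exe HTTP/1.0\r\n'),         # content matches but the port does not
]

# Rule header: action proto src sport -> dst dport (options)
HEADER_RE = re.compile(
    r'^(?P<action>alert|log|pass|drop)\s+(?P<proto>\w+)\s+\S+\s+\S+\s+->\s+\S+\s+(?P<dport>\S+)\s*'
    r'\((?P<opts>.*)\)\s*$'
)
# One option at a time: key, optional ':' value (quoted strings may contain escaped quotes), then ';'
OPT_RE = re.compile(r'\s*(?P<key>\w+)(?::\s*(?P<val>"(?:[^"\\]|\\.)*"|[^;]*))?;')


@dataclass
class Rule:
    sid: int
    msg: str
    proto: str
    dport: str
    contents: list  # [(pattern_bytes, nocase), ...] in rule order


def decode_content(raw: str) -> bytes:
    """Expand a Snort content string: text outside |...| is literal, text inside is hex bytes."""
    out = bytearray()
    for i, part in enumerate(raw.split('|')):
        out += bytes.fromhex(part) if i % 2 else part.encode('latin-1')
    return bytes(out)


def parse_rule(text: str) -> Rule:
    """Parse one rule line into a Rule; only the options this matcher needs are kept."""
    m = HEADER_RE.match(text)
    if not m:
        raise ValueError(f'unparsable rule: {text!r}')
    sid, msg, contents = 0, '', []
    for opt in OPT_RE.finditer(m.group('opts')):
        key, val = opt.group('key'), opt.group('val')
        if val and val.startswith('"'):
            val = val[1:-1].replace('\\"', '"').replace('\\\\', '\\')
        if key == 'content':
            contents.append([decode_content(val), False])
        elif key == 'nocase' and contents:
            contents[-1][1] = True  # modifier applies to the preceding content
        elif key == 'msg':
            msg = val
        elif key == 'sid':
            sid = int(val)
    return Rule(sid, msg, m.group('proto'), m.group('dport'), [tuple(c) for c in contents])


def rule_matches(rule: Rule, proto: str, dport: int, payload: bytes) -> bool:
    """True when protocol, destination port and every content pattern agree with the packet."""
    if rule.proto not in ('ip', proto):
        return False
    if rule.dport != 'any' and int(rule.dport) != dport:
        return False
    for pattern, nocase in rule.contents:
        hay, needle = (payload.lower(), pattern.lower()) if nocase else (payload, pattern)
        if needle not in hay:
            return False
    return True


def scan(rule_texts, packets):
    """Return [(sid, msg)] for every packet that fires a rule, in packet order."""
    rules = [parse_rule(t) for t in rule_texts]
    hits = []
    for proto, dport, payload in packets:
        for r in rules:
            if rule_matches(r, proto, dport, payload):
                hits.append((r.sid, r.msg))
    return hits


if __name__ == '__main__':
    for sid, msg in scan(SAMPLE_RULES, SAMPLE_PACKETS):
        print(f'sid {sid}: {msg}')
```

The matcher deliberately ignores flow, offset, depth and PCRE options, so it is a teaching aid for reading signatures against captures, not a substitute for running Snort itself; a student can extend `parse_rule` one option at a time and see which extra packets start or stop matching.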


                      • #12
                        Appreciate the info

                        Just wanted to thank everyone who took a moment to point me in a productive direction, even those who weren't as helpful because they questioned my motives. I have the same thoughts when I see similar questions in forums. Hopefully I can make use of everyone's help and integrate some quality instruction in my course. As always, defcon.org is an awesome place for knowledge/assistance.


                        • #13
                          Well, I'm glad you took it all well. Understand that we don't know you at all. We get a lot of people through here that are looking for this type of stuff. You could be who/what you say you are, or you could be looking to cause trouble. As a security professional, trust is not implicit, it's explicit, and even after it's established it needs to be monitored and verified. This environment is untrusted, not you specifically, but the medium being used; so as security professionals we have to not trust and question any communication using this medium.

                          I return whatever i wish . Its called FREEDOWM OF RANDOMNESS IN A HECK . CLUSTERED DEFEATED CORn FORUM . Welcome to me



                          • #14
                            Originally posted by skubinnada
                            Hopefully I can make use of everyone's help and integrate some quality instruction in my course.
                            Assuming you are a teacher, if you mention the forums to your students, please be sure to convince them to read the rules, and not to be "tards." If they should find the need to post something, make sure they ask a search engine, and research it on their own before asking here, and then use an appropriate thread.

                            This has been a public service announcement.


                            • #15
                              Originally posted by TheCotMan
                              This has been a public service announcement.
                              Where the hell is the NBC logo and the big name stars? I mean Cot, if it were truly a public service announcement wouldn't it have those things?
                              Did Everquest teach you that?
