By Matthew Humphries
July 17, 2010
Usually, when installing a new operating system the hope is that it's as
up-to-date as possible. After installation there's bound to be a few
updates required, but no more than a few megabytes. Damn Vulnerable
Linux is different, it's shipped in as vulnerable a state as possible.
The idea behind DVL is to offer an operating system for learning and
research for security students. As the DVL website explains:
Damn Vulnerable Linux (DVL) is everything a good Linux distribution
isn't. Its developers have spent hours stuffing it with broken,
ill-configured, outdated, and exploitable software that makes it
vulnerable to attacks. DVL isn't built to run on your desktop - it's
a learning tool for security students.
At 1.8GB the ISO can be used as a Live CD, or installed as a virtual
machine using a package like VirtualBox or VMWare. Once installed it can
be used as a training environment for teaching, "reverse code
engineering, buffer overflows, shellcode development, web exploitation,
and SQL injection."
Old versions of software including Apache, MySQL, PHP, FTP and SSH
daemons are included as well as the tools needed to exploit them such as
GCC, GDB, NASM, strace, ELF, Shell, DDD, LDasm, and LIDa.
Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada
July 24-29th, offering over 60 training sessions and 11 tracks of Briefings
from security industry elite. To sign up visit http://www.blackhat.com