Slashdot Mirror

← Back to Stories (view on slashdot.org)

Damn Vulnerable Linux — Most Vulnerable Linux Ever

Posted by timothy on from the in-context-it's-barely-vulgar dept.

An anonymous reader writes "Usually, when installing a new operating system, the hope is that it's as up-to-date as possible. After installation there's bound to be a few updates required, but no more than a few megabytes. Damn Vulnerable Linux is different; it's shipped in as vulnerable a state as possible. As the DVL website explains: 'Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn't. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn't built to run on your desktop – it's a learning tool for security students.'"

7 of 227 comments (clear)

  1. Great Learning Tool by bytethese · · Score: 4, Informative

    We used it in my Forensic Computing masters program in some classes, definitely useful in our Network Security and Architecture of Secure Operating Systems classes to show what can happen with buffer overflows, gaining root access, etc.

  2. Honey Pot Module coming up next week. by ls671 · · Score: 5, Informative

    We are working on a honey pot module for Damn Vulnerable Linux, it should be coming out soon ;-)

    Basically log all activity to a network server while hiding the fact that we are doing it. Just refresh from a fresh image once in a while. Once an intruder is noticed, we can give him as many rights as we want in real time, especially with regards to network connectivity, which is done at the firewall level. It is a nice way to get a good grip of what is running in the wilderness of the internet. If you are lucky enough, you can even learn about unpublished exploits although I would use a up to date distro to specifically discover these.

    --
    Everything I write is lies, read between the lines.
  3. Re:what about a weird-arch linux? by mmkkbb · · Score: 3, Informative

    And the PDP-10 had bytes in any size from 1 to 36 bits.

    --
    -mkb
  4. Re:Or by Culture20 · · Score: 5, Informative

    That's nothing. During the Blaster days, I stood by and let someone attach their computer to the network for updates after a clean install. It was an object lesson: Before she could navigate to windows update, it started rebooting again. Always update security patches from a known-safe medium.

  5. Re:Big deal by JonJ · · Score: 2, Informative

    Ugh, I'm gonna undo all my mod points for this but... Fedora is on the bleeding edge, it has never been about stuffing the distro with old and vulnerable software. The comparison is so far off it's not even funny. If he'd said 'Debian Stable' I might've seen the humor in it, but using Fedora is a really poor example. So he's not only a troll, but a stupid one at that. And it's really annoying seeing all the hate Fedora and Red Hat gets here on /. even if they do amazing work for both servers and desktops. I wish the constant Apple and Ubuntu masturbation would stop.

    --
    -- Linux user #369862
  6. Re:Or by antdude · · Score: 2, Informative

    I saw this happen with a 3 KB/sec dial-up connection too! It was nuts. My friend was wondering why his new XP Pro. downloads were so slow.

    --
    Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
  7. Re:Big deal by LinuxIsGarbage · · Score: 2, Informative

    You know that Windows Vista and Windows 7 were released which by default run the user as a limited user, and prompt for elevation when needed.