Damn Vulnerable Linux

[nihil]

This is a new distro to me

http://www.hackinthebox.org/index.ph...icle&sid=37086

Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn’t. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn’t built to run on your desktop – it’s a learning tool for security students.

[westin]

I have messed with it a little bit. Quite a bit of fun to be had.

[HYBR|D]

Just grabbed myself a copy, and now waiting for imgburn to cut the .iso onto a blank disc and will give this thing a looksie.

wonder if i ran it and browsed enough if i can get myself a rooted box..

[westin]

Just grabbed myself a copy, and now waiting for imgburn to cut the .iso onto a blank disc and will give this thing a looksie.

wonder if i ran it and browsed enough if i can get myself a rooted box..

I just threw mine into virtualbox. DVL is a nice platform to test different scanning tools, exploit frameworks, XSS/SQL injection attacks, etc. against.

You can set up the networking as internal only, and then load another distro, such as backtrack, with the same settings, and have quite a bit of fun.

[gore]

wonder if i ran it and browsed enough if i can get myself a rooted box..

You could do that with a fresh install of Windows XP. Just wait about 15 minutes.

[HYBR|D]

mehehe, you don't even have to browse or do anything, the quickest i've had a fresh XP install get infected was 4seconds after booting into the desktop after the initial install..

had that shutdown box appear that counts down from 20sec pop up near straight away. That'll teach me to leave the machine plugged into the interwebz without a condom on the ethernet cable...

[gore]

Remember that the next time I'm arguing with someone on here how just because Windows XP CAN be Secure, doesn't mean it IS out of the box. Not that a lot are, out of the box, but I do recall being flamed on here a few times when I was always going on about SUSE Linux, because, well, when you installed that, before it actually had even booted up for the first time, while you were still finishing up the installation, it allowed you to do a full update before it even got to a desktop, or even a log in screen for that matter.

SUSE had this back in like 8.1 or 8.2 Professional, and so once you had gotten the install going, after you set up the Network connection part of it, you could have it test your connection to see if it wa connected, and then, it asked it you'd like to install updates, and you'd select yes, and it would actually show you the updates that were out since the OS had been packaged, you could then install them, and have a fully updated machine by the time you got to the log in.

I know a few people here who were huge Windows people, who would go on and on that "Ohhhhh Windows NT, 2000 and XP can be just as secure as Linux"...

OK, fine, if you manage to get to a desktop (Which by the way, Windows loads things in a different way than Linux, BSD, and other OSs, it loads the Program's Interface before it actually finishes loading the actual application, so that way it appears on screen BEFORE it's actually ready to use) so, if you could get to the log in, which by default logged you in as admin, no password, and then, click on Windows update fast enough to start patching, and then, reboot 50 times for all those updates that ALL require an update, and then of course, have the time to move your mouse fast enough to select Internet Explorer and Windows Media Player by themselves because for some reason you can't install updates for those with ANYTHING else selected, and they need reboots too, and THEN go back and see that now, there are even MORE patches, and get those installed, reboot, and see THOSE patches need patches, and so on, ALL within the time to get the damn thing to load a Desktop that won't be infected, then awesome! LOL!

[instronics]

Remember that the next time I'm arguing with someone on here how just because Windows XP CAN be Secure, doesn't mean it IS out of the box. Not that a lot are, out of the box, but I do recall being flamed on here a few times when I was always going on about SUSE Linux, because, well, when you installed that, before it actually had even booted up for the first time, while you were still finishing up the installation, it allowed you to do a full update before it even got to a desktop, or even a log in screen for that matter.

SUSE had this back in like 8.1 or 8.2 Professional, and so once you had gotten the install going, after you set up the Network connection part of it, you could have it test your connection to see if it wa connected, and then, it asked it you'd like to install updates, and you'd select yes, and it would actually show you the updates that were out since the OS had been packaged, you could then install them, and have a fully updated machine by the time you got to the log in.

I know a few people here who were huge Windows people, who would go on and on that "Ohhhhh Windows NT, 2000 and XP can be just as secure as Linux"...

OK, fine, if you manage to get to a desktop (Which by the way, Windows loads things in a different way than Linux, BSD, and other OSs, it loads the Program's Interface before it actually finishes loading the actual application, so that way it appears on screen BEFORE it's actually ready to use) so, if you could get to the log in, which by default logged you in as admin, no password, and then, click on Windows update fast enough to start patching, and then, reboot 50 times for all those updates that ALL require an update, and then of course, have the time to move your mouse fast enough to select Internet Explorer and Windows Media Player by themselves because for some reason you can't install updates for those with ANYTHING else selected, and they need reboots too, and THEN go back and see that now, there are even MORE patches, and get those installed, reboot, and see THOSE patches need patches, and so on, ALL within the time to get the damn thing to load a Desktop that won't be infected, then awesome! LOL!

While i do admit that the update process of a windows box is a severe pain in the a$$, fact still remains that it 'can' be hardened to operate smoothly and safely. I would say the main problem in windows is that it is designed for ease of use. That ofc means lower security by default since simplicity and comfort are always known to be bitter enemies of security.

As for SuSE... and many other linux distros, the same does apply in some situations. Just to make the install easier, and ease of use there are many security features that are not setup correctly. Why doesnt suse for example limit the 'su' to the first user during the install? Like adding it to group wheel for instance? Why does ssh allow root logins? Why does by default the X server listen on port 6000? (here i mean why does it open a port in state LISTEN by default). Yup, its a usefull feature if you need it, but opening listening ports by default is not the way of the security penguin

Those problems (whilst still MUCH SAFER than any default win install) are still non secure settings. These seem to appear only on the 'try-to-remain-easy' systems such as suse, all flavours of bubunutti, and so on. For some people having to setup these issues manually is not always an option and can be a pain too (users who have installed openBSD/netBSD/freeBSD/slackware know this) but in terms of security, these are far more superior.

By no means is this a rant against suse gore.... you above all people know my love for it and all my work on AO was based on suse in the past. But truth is, if you dont secure it manually.... (this applies for most distros/oss') it can still be sort of vurnerable.

I have had the suse auto updates mess up the system on occasion (kernel updates, and system would go into kernel panic after reboot), same on some bubunutti distros, but yes.... the updating on linux still remains better/easier/& far superior to windows.

Now about the topic itself... i believe that this distro should be used for testing of qualifications for admins. Its a very good practice and helps to learn new things. I would'nt use it (trust it) for any live system, even if secured to the best of an admin's knowledge since it has been designed to be unsecure, but it could be seen as a challenge. And since everything the in the security world is a 2 sided blade.... it give an excellent opportunity to try and easy-exploit-it on the-fly.


cheers.