Damn Vulnerable Linux

The topic of this article may not meet Wikipedia's notability guidelines for products and services. Please help to demonstrate the notability of the topic by citing reliable secondary sources that are independent of the topic and provide significant coverage of it beyond a mere trivial mention. If notability cannot be shown, the article is likely to be merged, redirected, or deleted. Find sources: "Damn Vulnerable Linux" – news · newspapers · books · scholar · JSTOR (September 2012) (Learn how and when to remove this message)

Damn Vulnerable Linux (DVL) was a distribution of GNU/Linux geared toward computer security students. It functioned as a tool for observing and studying vulnerabilities in the Linux 2.4 kernel and popular user space software. It was available as a live DVD, and may be run through a virtual machine within any host operating system.^[1]. It reportedly is no longer maintained and listed as discontinued.^[2]

Damn Vulnerable Linux (DVL) is a Slackware and Slax-based live DVD. DVL 1.5 is based on BackTrack 2.0 Final. The distribution, purposefully stuffed with broken, ill-configured, outdated and exploitable software, began life as a training system used during the author's university lectures. Its primary goal is to design a Linux system that is as vulnerable as possible -- in order to teach and demonstrate a variety of security topics, including reverse code engineering, buffer overflows, shell code development, web exploitation, and SQL injection.^[3]

Usually, when installing a new operating system the hope is that it’s as up-to-date as possible. After installation there are bound to be a few updates required, but no more than a few megabytes. Damn Vulnerable Linux is different. It is shipped in as vulnerable a state as possible. The idea behind DVL is to offer an operating system for learning and research for security students. As the DVL website explains:

"Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn’t. Its developers
have spent hours stuffing it with broken,
ill-configured, outdated, and exploitable software that makes it vulnerable to attacks.
DVL isn’t built to run on your desktop – it’s a learning tool for security students." 

Old versions of software including Apache, MySQL, PHP, FTP and SSH daemons are included as well as the tools needed to exploit them such as GCC, GDB, NASM, strace, ELF, Shell, DDD, LDasm, and LIDa.

The idea for producing DVL came from Thorsten Schneider who runs the TeutoHack lab at Bielefeld University in Germany. The hacker lab includes a closed network which a laptop can be hooked up to for research into IT security, hacking, and malware. Thorsten also teaches ethical hacking such as his lecture course Ethical Hacking – Binary Auditing & RCE.

At 1.8GB the ISO can be used as a Live DVD, or installed as a virtual machine using a package like VirtualBox or VMWare. Once installed it can be used as a training environment for teaching, “reverse code engineering, buffer overflows, shellcode development, web exploitation, and SQL injection”.^[4]

1. Damn Vulnerable Linux official website
2. Damn Vulnerable Linux at Distrowatch.com
3. [1]
4. Installation Under Virtualbox
5. Download Link Via SourceForge

This Linux-distribution-related article is a stub. You can help Wikipedia by expanding it.

• v
• t
• e