Damn Vulnerable Linux is Littered with Security Holes


Put away the pitchforks, penguin fans, we're not hating on Linux or dropping a deuce on open-source software in general (you're welcome for the visual). What we're referring to is an actual distro called "Damn Vulnerable Linux," which is not like any other Linux distro you've seen before.

"Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn't," the DVL website explains. "Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn't built to run on your desktop -- it's a learning tool for security students."

Like many Linux distros, DVL can be used as a Live CD or installed on your system, preferably a virtual machine. According to DVL's website, the distro contains "older, easily breakable versions of Apache, MySQL, PHP, and FTP and SSH daemons," as well as an assortment of tools to help you break apps running on these services.

"The main idea behind DVL was to build up a training system that I could use for my university lectures," explains Dr. Thorsten Schneider , who conceived the project. "My goal was to design a Linux system that was as vulnerable as possible, to teach topics such as reverse code engineering, bug overflows, shellcode development, Web exploitation, and SQL injection."

DVL Download

Image Credit: DVL

Around the web