Damn Vulnerable Linux

Last updated
Damn Vulnerable Linux
OS family Linux (Unix-like)
Working stateDiscontinued
Platformsi486
Kernel type Monolithic kernel (Linux)

Damn Vulnerable Linux (DVL) is a discontinued [1] Linux distribution geared toward computer security students. It functions as a tool for observing and studying vulnerabilities in the Linux kernel and popular user space software. It is available as a live CD, and can be run through a virtual machine within the host operating system. [2]

Contents

History

DVL was created by Thorsten Schneider, the founder of the TeutoHack laboratory at Bielefeld University, [3] to use as a training system for his university lectures.

Design

DVL is a SLAX-based distribution, and uses the Slackware .tgz package management system. [1] It uses outdated versions of various software, to deliberately make it the most vulnerable operating system ever. [4] [5]

DVL is distributed as a live CD, allowing it to be booted directly from the distribution medium without installation on a PC or within a virtual machine. [6]

See also

Related Research Articles

<span class="mw-page-title-main">Device driver</span> Software interface to attached devices

In computing, a device driver is a computer program that operates or controls a particular type of device that is attached to a computer or automaton. A driver provides a software interface to hardware devices, enabling operating systems and other computer programs to access hardware functions without needing to know precise details about the hardware being used.

<span class="mw-page-title-main">Linux distribution</span> Operating system based on the Linux kernel

A Linux distribution is an operating system made from a software collection that includes the Linux kernel and often a package management system. Linux users usually obtain their operating system by downloading one of the Linux distributions, which are available for a wide variety of systems ranging from embedded devices and personal computers to powerful supercomputers.

<span class="mw-page-title-main">Knoppix</span> Linux operating system

Knoppix, stylized KNOPPIX, is an operating system based on Debian designed to be run directly from a CD / DVD or a USB flash drive. It was first released in 2000 by German Linux consultant Klaus Knopper, and was one of the first popular live distributions. Knoppix is loaded from the removable medium and decompressed into a RAM drive. The decompression is transparent and on-the-fly.

A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed and often masks its existence or the existence of other software. The term rootkit is a compound of "root" and the word "kit". The term "rootkit" has negative connotations through its association with malware.

<span class="mw-page-title-main">Live CD</span> Complete, bootable computer installation that runs directly from a CD-ROM

A live CD is a complete bootable computer installation including operating system which runs directly from a CD-ROM or similar storage device into a computer's memory, rather than loading from a hard disk drive. A live CD allows users to run an operating system for any purpose without installing it or making any changes to the computer's configuration. Live CDs can run on a computer without secondary storage, such as a hard disk drive, or with a corrupted hard disk drive or file system, allowing data recovery.

<span class="mw-page-title-main">Damn Small Linux</span> Lightweight, desktop-oriented Linux distribution

Damn Small Linux (DSL) is a computer operating system for the x86 family of personal computers. It is free and open-source software under the terms of the GNU GPL and other free and open-source licenses. It was designed to run graphical user interface applications on older PC hardware, for example, machines with 486 and early Pentium microprocessors and very little random-access memory (RAM). DSL is a live CD with a size of 50 megabytes (MB). What originally began as an experiment to see how much software could fit in 50 MB eventually became a full Linux distribution. It can be installed on storage media with small capacities, like bootable business cards, USB flash drives, various memory cards, and Zip drives.

<span class="mw-page-title-main">Light-weight Linux distribution</span> Operating system with low resource requirements

A light-weight Linux distribution is one that uses lower memory and/or has less processor-speed requirements than a more "feature-rich" Linux distribution. The lower demands on hardware ideally result in a more responsive machine, and/or allow devices with fewer system resources to be used productively. The lower memory and/or processor-speed requirements are achieved by avoiding software bloat, i.e. by leaving out features that are perceived to have little or no practical use or advantage, or for which there is no or low demand.

This is a list of operating systems specifically focused on security. Similar concepts include security-evaluated operating systems that have achieved certification from an auditing organization, and trusted operating systems that provide sufficient support for multilevel security and evidence of correctness to meet a particular set of requirements.

<span class="mw-page-title-main">PCLinuxOS</span> Linux distribution

PCLinuxOS, often shortened to PCLOS, is a rolling release Linux distribution for x86-64 computers, with KDE Plasma, MATE, and XFCE as its default user interfaces. It is a primarily FOSS operating system for personal computers aimed at ease of use.

<span class="mw-page-title-main">Zenwalk</span> Slackware-based Linux distribution

Zenwalk GNU/Linux is a desktop-focused Linux distribution founded by Jean-Philippe Guillemin. It is based on Slackware with very few modifications at system level making it 100% compatible with Slackware. It aims to be a modern, multi-purpose Linux distribution by focusing on internet applications, multimedia and programming tools. It comes with many specialized tools and is designed for beginners and advanced users alike, as it offers system configuration via both graphical tools and the command line.

<span class="mw-page-title-main">GParted</span> Partition editor

GParted is a GTK front-end to GNU Parted and an official GNOME partition-editing application. GParted is used for creating, deleting, resizing, moving, checking, and copying disk partitions and their file systems. This is useful for creating space for new operating systems, reorganizing disk usage, copying data residing on hard disks, and mirroring one partition with another. It can also be used to format a USB drive.

OS-level virtualization is an operating system (OS) virtualization paradigm in which the kernel allows the existence of multiple isolated user space instances, called containers, zones, virtual private servers (OpenVZ), partitions, virtual environments (VEs), virtual kernels, or jails. Such instances may look like real computers from the point of view of programs running in them. A computer program running on an ordinary operating system can see all resources of that computer. However, programs running inside of a container can only see the container's contents and devices assigned to the container.

A software appliance is a software application combined with just enough operating system (JeOS) to run optimally on industry-standard hardware or in a virtual machine. It is a software distribution or firmware that implements a computer appliance.

<span class="mw-page-title-main">Live USB</span> USB drive with a full bootable operating system

A live USB is a portable USB-attached external data storage device containing a full operating system that can be booted from. The term is reminiscent of USB flash drives but may encompass an external hard disk drive or solid-state drive, though they may be referred to as "live HDD" and "live SSD" respectively. They are the evolutionary next step after live CDs, but with the added benefit of writable storage, allowing customizations to the booted operating system. Live USBs can be used in embedded systems for system administration, data recovery, or test driving, and can persistently save settings and install software packages on the USB device.

<span class="mw-page-title-main">Wubi (software)</span> Ubuntu Linux installer for Windows

Wubi is a free software Ubuntu installer, that was the official Windows-based software, from 2008 until 2013, to install Ubuntu from within Windows, to a single file within an existing Windows partition.

<span class="mw-page-title-main">Criticism of desktop Linux</span> Criticism of certain Linux distributions

Criticism of desktop Linux is a history of comment on the perceived shortcomings of the Linux operating system when installed on desktop computers. These criticisms have been aimed at the plethora of issues and lack of consistency between Linux distributions, their usefulness and ease of use as desktop systems for general end users, driver support and issues with multi-media playback and audio development.

<span class="mw-page-title-main">Tails (operating system)</span> Linux distribution for anonymity and privacy

Tails, or "The Amnesic Incognito Live System", is a security-focused Debian-based Linux distribution aimed at preserving Internet privacy and anonymity. It connects to the Internet exclusively through the anonymity network Tor. The system is designed to be booted as a live DVD or live USB and never writes to the hard drive or SSD, leaving no digital footprint on the machine unless explicitly told to do so. It can also be run as a virtual machine, with some additional security risks.

<span class="mw-page-title-main">Meltdown (security vulnerability)</span> Microprocessor security vulnerability

Meltdown is one of the two original transient execution CPU vulnerabilities. Meltdown affects Intel x86 microprocessors, IBM POWER processors, and some ARM-based microprocessors. It allows a rogue process to read all memory, even when it is not authorized to do so.

References

  1. 1 2 "DistroWatch.com: Damn Vulnerable Linux". July 14, 2010. Retrieved January 8, 2018.
  2. "Damn Vulnerable Linux". Archived from the original on December 21, 2011. Retrieved October 31, 2010.
  3. "The Most Vulnerable and Exploitable Operating System Ever? Damn Vulnerable Linux". Networkworld.com. 2010-09-13. Retrieved 2012-10-24.
  4. "Damn Vulnerable Linux – The Most Vulnerable OS Ever Created". Hardocp. 2010-07-18. Retrieved 2012-10-12.
  5. "Damn Vulnerable Linux: [DVL]: WebGoat SQL Injection". Computersecuritystudent.com. Retrieved 2012-10-12.
  6. "Damn Vulnerable Linux - The most vulnerable and exploitable operating system ever! – Tech Products & Geek News". Geek.com. 2010-07-17. Archived from the original on 2012-10-18. Retrieved 2012-10-24.