Damn Vulnerable Linux - The most vulnerable and exploitable distro (damnvulnerablelinux.org)
178 points by morazyx 5822 days ago
5 comments

Securing this beast should serve as a nice training course for any sysadmin; bonus points if you start handing out shell accounts to anonymous people in certain neighborhoods of EFNet.
Just update packages to the latest, patched version. What's so difficult about it?
If this is based on a popular distro, maybe; but if you wanted to loosen up a Linux box, you can build a freak from pieces that no one would find lineage for, much less a repo.
umm no.

He specifically mentions that all the software is vulnerable:

"Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks."

Just replace them with the latest, patched, default configured version.

What pieces of software do you replace? How do you replace it? Remember that it likely doesn't come with anything like apt to make this easy.
You wipe the disk and install OpenBSD.
Or you could just get an iPad.
There are other ways to update software..
Riiight, downloading individual packages, libraries and kernels and building them from source. Which is why I thought it would be a good exercise, however very boring.

Running a Bastille script on the box would give you a quick TODO list. Pushing it to "production" and getting a few servers up and running, across version incompatibilities, would prove a bit more interesting. Running it under an older 2.4.x or 2.2.x kernel, doubly so.

I'm far from a security expert.

I have spent hundreds if not thousands of hours upgrading random packages in Linux for various reasons. Afterwards, I didn't feel any wiser in security or anything except how to build stuff (well, maybe a bit of systems stuff...).

If upgrading is the main task here, what do you really learn? If upgrading isn't the main task here, what is?

Not update, but upgrade to another more secure distribution.
Or 4chan.
> Damn Vulnerable Linux - The most vulnerable and exploitable operating system ever!

Wait, they topped Windows 95 and Windows ME?

Is that even possible?

I love how, on those OSes, you could freeze the whole thing solid with a three-byte program:

   cli   # clears interrupts
   loop: goto loop
This ballooned to a colossal four bytes if you put it in an EXE file, of course.
You could do it from debug.com but that one doesn't have labels, so you will need to use an explicit jmp.

  C:\hack\lisp\cl-gdata\base>debug
  -a
  13EA:0100 cli
  13EA:0101 jmp 101
  13EA:0103
  -g 0100
Technically speaking, how would an OS avoid that issue, without breaking compatibility (unless that is acceptable)?
You can't be bug compatible for things that violate the processor's protection protocol. Access to certain bits of the EFLAGS register is unavailable to unprivileged code. In fact. Just because you were allowed to raid and pillage by Microsoft for a few years doesn't mean it's the norm.
Sure you can—just let them stomp all over a virtualized processor/memory space.
You cannot meaningfully virtualize access to EFLAGS:IF. You can either emulate(/JIT) almost the whole CPU or ignore this issue. And anyway, turning off interrupts is something that essentially does not make sense for a user process, so it is better to just disallow that (which is what almost everything else but non-NT Windows does).
Any OS on that early hardware had this problem, right?
That actually sounds like a fun concept.
Seems a decent educational tool too.. run in a virtual box and let your students go all out overflowing buffers and seeing the concepts in action. It comes with easy-to-follow guides.
OK for learning about what has been solved; kind of hacking-101. But the exploits involved have all been fixed in the products in that distro. What to use for the advanced class?
Refer to popular wargames. You could start here: http://www.smashthestack.org
I have it on my VM, can someone point me to where these guides are? KDE confuses me :). I will RTFM, I just need to find it first. Thanks.
/dvl ;)
an actual distribution
It looks like a honeypot on steroids!
What's with all the grammatical errors on that site? Is it a joke?