http://www.damnvulnerablelinux.org/
From what I can see, it's a distro made to teach sysadmins, etc. about security.
Offline
I thought that was "windows".
Offline
At first it looked like those money-pulling, advertising, domain name placeholders. I felt annoyed then, so I'll be staying off that website.
Did you try it out??
Offline
I've looked at it. It's designed to be loaded in a virtual machine and used for penetration training. It uses an old 2.4 kernel and really bad, unpatched versions of things like Apache. It has limited appeal, but it's a decent training tool if that's what you're looking for.
-mS
Offline
So it is as bad as it looks )
Offline
Heh. Yep. I remember listening to a talk about it not too long ago. Essentially, it's hard to practice on your average Linux box since fixes are out so quickly. You have to hunt down unpatched versions of things and build them yourself since your distro probably doesn't hang on to them. This was designed to save you the trouble. This stuff is guaranteed easy to break.
-mS
Offline
Is the solution to most of the problems in DVL simply installing newer versions of the software, or is it down to a lot of subtly badly configured settings too?
-//------------------/------>
Offline
A lot of it's poorly configured. It's pretty much screwed up in any way you can think of.
-mS
Offline
HAHAHA I didn't look into the website (or the distro) but the fact that a special broken distro had to be created for teaching tells a lot about Linux.
I was thinking to myself .... you have to look hard to find a very broken Linux distro and harder not to find a broken windoze haha.
But .... sshhhh don't tell anyone I said this
R00KIE
Tm90aGluZyB0byBzZWUgaGVyZSwgbW92ZSBhbG9uZy4K
Offline
I'll never forget the experience of having to reinstall XP on a laptop around 4-5 years ago.
This is why: the laptop had come with the very first edition of XP. So I reinstalled, and connected to the net to (desperately) try and get patches.
Within 5-10 minutes - under circumstances I still can't quite figure out - the laptop was crawling and compromised. Luckily I had a firewall and some other items hanging around on a CD, so they offered some protection until MS shipped me an SP2 CD (for free!).
Yeah.. so if you want to have some fun, try to track down the first edition of XP and install it on a web-facing server.
-//------------------/------>
Offline
I would worry more about some old Linux servers, unpatched and maybe still running 2.4. And badly configured also.
I had a case where a customer's Linux server was hacked through some flaw in Horde. It had been unmaintained for years and the customer hadn't been really interested in getting some maintenance since it had run quite flawlessly. One day their internet connection was cut and the ISP told them that their site had been used for phishing attacks against eBay.
I had a case where the ISP blocked a client's Exchange server from their relay server. There were 20000 unsent spam messages in the queue; somebody had managed to turn it into an open relay. With Exchange you actually have to try to turn it into an open relay, but with sendmail or postfix I think this is easier to accidentally do.
Offline
The question is... does their server run their distro?
Offline
Windows used to be really badly designed regarding security. Nowadays (I use Windows for Workstations 2008 aka Server 2008 for development, but Vista is capable™ of the same) it can be at least as secure as your average Linux distribution. You have a design which encourages rights elevation (i.e. run as root/admin only when needed), services are disabled by default, you have a working execution prevention with a *white list* approach,...
Security-wise I would entrust servers with Windows and the old reputation of being very insecure is imho not justified anymore. Usability and control on the other hand...
Offline
Windows used to be really badly designed regarding security....You have a design which encourages rights elevation (i.e. run as root/admin only when needed), services are disabled by default,
Despite what Microsoft says and how it looks, Vista defaults to admin and only asks permission to run as admin when it receives a certain call, apparently not to break compatibility with older programs. I saw a demo of an attack at Defcon last year. Because of all of the extra steps required to do anything with Vista, it's easy to trap the call that asks for admin rights and not allow it to actually work, effectively creating an admin default. The guy said it would work on 2008, too, but he didn't have a demo box to demonstrate on.
Windows is better than it used to be, yes, but I still wouldn't trust it.
-mS
Last edited by aglarond (2009-02-01 20:37:56)
Offline
Are you talking about http://neosmart.net/blog/2008/ireboot-a … imitations ? If not, would you be so kind as to provide more details about this? (I'm honestly interested as I might go back to using not internet connected Windows systems.)
Let me summarize: These guys couldn't autostart an application which needed admin rights (Vista blocks this). Their solution was to create a service running with elevated rights and a userspace tool to control the daemon. You _have to_ install the service with admin rights.
How is this different on any *nix system? It's badly designed, because most users will just click "OK", because they have been trained to do so, but it's correct behaviour. Of course you need a security conscious user to get a secure system.
OK, I'm completely off-topic and will shut up now.
Offline
Unfortunately Defcon doesn't put their stuff online. I'll see if I can dig some more info up when I get home. I didn't understand all of it, but it took advantage of a vulnerability that's available because of how Microsoft enforces DRM. They use multiple encryption and decryption steps to prevent you from, for example, sending a digital recording out for analog recording. The attack "traps" the call that restricts admin rights during one of those stops and it doesn't go through, allowing anything that runs at that moment to run as admin.
He said there was no way to do a drive-by with it, though. There does have to be some user interaction (i.e. run a program or permit an ActiveX control to run).
-mS
Offline
At first it looked like those money-pulling, advertising, domain name placeholders. I felt annoyed then, so I'll be staying off that website.
Did you try it out??
Yes. I used it some time ago. The distro is great for learning security staff.
By striving to do the impossible, man has always achieved what is possible. Those who have cautiously done no more than they believed possible have never taken a single step forward - Mikhail Bakunin
Offline
(Sorry for off-topic.)
Unfortunately Defcon doesn't put their stuff online.
Ah, that's why I found nothing about it. The only mention of UAC and Defcon I found was in http://dc214.defcon.org/notes/gnews_200805.ppt , where it pointed to neosmart.
Thanks for your short explanation, it would be great if you could dig up something. As if working with Windows wasn't chastisement enough...:rolleyes:
Offline
This looks like fun
Offline
Interesting. I've messed around a bit with Windows security (rdesktop patched with a brute forcer works wonders) but when it comes to Linux security I'm a newb.
Also, I've seen countless Vista boxes running remote desktop unsecured.
Last edited by absolutezero1287 (2009-02-08 08:35:58)
Offline