Subtitles of the Movie

Now up until this point we've talked about tools that can help make your network more secure and we've also talked about Live Linux Security distributions that can also help you make your systems and network more secure. Now we're going to talk about something that's very unsecure and that's something called Damn Vulnerable Linux, or DVL as it's more popularly known. What DVL is, is a bootable Linux CD that basically is very unsecure, in fact, its websites boast that it's one of the most insecure operating systems around. Now it has a wide variety of security vulnerabilities that are there for you to use to train your security people and to test security tools, to learn security techniques, to learn hacking and penetration testing techniques, which will, in turn, teach you how to secure systems better and how to build more secure networks. So, it's basically a training ground. It's a, it gives you the ability to have fun and learn hacking or penetration testing at the same time. Now it's based upon Backtrack 2.0, so it is a Linux Distribution and it's very easy to use. All you have to do is basically boot the system off the CD, the same way that you would with any other Live Linux Security Distribution. Now DVL has a lot of security issues built in, a lot of exercises and training materials built in, that you can use to train your security personnel or even run penetration tests against with security tools, so you can kind of see how they work and what their effects are. Let's go ahead and give a quick tour of Damn Vulnerable Linux. OK, we're looking at Damn Vulnerable Linux and as you can see it's got kind of a colorful background to it there. Again, it's based upon Backtrack 2.0, an older version of Backtrack, but that doesn't mean that just because it's older that it's not effective. Damn Vulnerable Linux has a lot of really good tools to it, in fact it's got a lot of good security tools and training materials on it. Now it's a typical Linux distribution so you do have a lot of things loaded on it that you would find in a typical Linux distribution such as text editors and so forth. Let's take a look at some of the tools that are on here. Under the Damn Vulnerable Linux Group you've got Training Material and there's various exploits you can learn about including Binary Exploitation, Web Exploitation, how to reverse engineer code, Coding itself and about HoneyNets, which are basically really good security tools that enable you to establish a HoneyNet around your network so that a hacker or someone could practice on your network and unknowingly you're watching them and seeing what they're doing - you're actually giving them an unsecure network to occupy their time with while you observe them, so you can learn about HoneyNets as well. There's a Development group here that gives you lots of development tools; you also have other kinds of tools, Editors, Reverse Code Engineering tools, Code protection, Crypto tools, Code Analyzers and so forth. There's also a group that has a lot of really good websites in it, Damn Vulnerable Linux website and others as well. Now on this distribution there's also a full version of Backtrack so you have a lot of the Backtrack tools. Now again, this is an older version of Backtrack, but still the tools are very relevant even in today's world. You've got Information Gathering tools, basically reconnaissance tools, Network Mapping, so you've got things like NMap and so forth, Vulnerability Identification, you've got vulnerability tools in here such as Metasploit and so forth. Penetration tools as well, Privilege Escalation tools, Access tools, Backdoors, Rootkits, Tunneling, all kinds of security tools that can help you perform and practice penetration testing and security testing. You've also got Wireless tools built in here as well and Digital Forensics tools, although once again I would tell you that if you want to do digital forensics a better distribution that's more suited to that is probably Helix. So, DVL's got a lot of cool stuff to it and you can attack it over a network running these tools from another virtual machine, for example, or another network machine running Backtrack or other security tools and practice on it and use some of the training materials and really learn a lot about penetration testing. So, that is Damn Vulnerable Linux, another popular Linux Security Distribution that's Live and bootable and I think combined with Backtrack, using this in a controlled environment, would probably teach you a great deal about a lot of these security tools we've been talking about all along.