Learning Security using DamnVulnerableLinux

If you want to learn security by doing the actual "hacking", there is a good news for you.

Thorsten Schneider of the International Institute for Training, Assessment, and Certification (IITAC) and Secure Software Engineering (S²e) in cooperation with Kryshaam from the French Reverse Engineering Team has released Damn Vulnerable Linux (DVL).

Here is the description about DVL :

Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn't. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn't built to run on your desktop -- it's a learning tool for security students.

DVL is a live CD available as a 150MB ISO. It's based on the popular mini-Linux distribution Damn Small Linux (DSL), not only for its minimal size, but also for the fact that DSL uses a 2.4 kernel, which makes it easier to offer vulnerable elements that might not work under the 2.6 kernel. It contains older, easily breakable versions of Apache, MySQL, PHP, and FTP and SSH daemons, as well as several tools available to help you compile, debug, and break applications running on these services, including GCC, GDB, NASM, strace, ELF Shell, DDD, LDasm, LIDa, and more.

You will also get the video tutorials about DVL overview and the first lesson on buffer overflow. But you have to download them because they don't come with the distro.

At this moment the site can't be accessed, it seems that their system experiences technical problems.

I am looking forward for their next releases that will include so many wonderful tools such as Metasploit and of course more tutorials would be great.