IT Underground XI 2008: The Damn Vulnerable Linux Project - Steps beyond ethical hacking! (by T. Schneider)

Posted on September 15, 2008 by Univ.-Doz. Dr. Schneider 
Filed Under IITAC Security Blog

Learning how to hack is a complex task. Teaching how to hack is even more complex. With all these security live distributions out there, there is a growing need to facilitate the teaching process by offering free training. Despite the fact that there is a bunch of good distributions for security auditing, there is no known true training and learning environment available. Damn Vulnerable Linux - which is based on BackTrack - closes this gap and offers a full legal training and teaching system. For this DVL has extended BackTrack by adding various missing tools such as for Reverse Code Engineering tasks. DVL includes additionally a wide range of materials for training in the fields of binary and web exploitation, shellcode development or Reverse Code Engineering and Binary Auditing. Training material such as WebGoat and Honeynet tutorials are included. Additional packages as for rootkit and malware auditing training are available. DVL includes a bunch of vulnerable targets to train auditing tasks.

DVL is known to be used by various organisations such as training centers and universities - including the world wide first master of science in ethical hacking.

This talk is about the Damn Vulnerable Linux project and distribution. We give a brief introduction to the project, its goals, future steps and vision. We include teaching experiences from master student classes. Next we give a detailed overview about the Scientific Hacking project which is the training branch of Damn Vulnerable Linux and is aimed to teach IT security for free by the community to the community. We show why these projects go beyond ethical hacking and propose an own community driven certification according to ISO/IEC 17024.



Comments

Leave a Reply