Find the answer to your Linux question:
Results 1 to 3 of 3
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Any Insecure Distros knocking around?

    I know, I know, odd question, and it's not a typo.

    I'm looking for a relatively modern, INsecure distro of linux for use at my uni - we're setting up two computers for a "warboxing" affair, where we've got two teams of people trying to break into each other's boxes to teach them about linux security - what sort of attacks to expect, and how to stop them.

    the distro that we'd settled on using was debian woody - based on (I believe) the 2.2.20 kernel, with what appears to be more holes than a ship made of sieves - perfect, seeing as the expected userbase won't know a whole much about linux.

    However, me and the other organiser can't for the life of use get X running properly, and I don't have the time to figure out how to get an old, outdated kernel to work properly on relativley modern hardware.

    So, explanation done with, I ask you this: is there a distro out there at the moment, with a relatively modern kernel, some kind of window manager, and a whole host of security issues, right out of the box?



    EDIT: Oh, and if I've stuck this in the wrong section, feel free to get it moved to wherever's applicable. This just seemed the most appropriate.. though, new forum, new stuff tog et used to
    Last edited by MDK_Marshal; 11-30-2008 at 06:55 PM. Reason: Adding a wee disclaimer!

  2. #2
    Linux Guru bigtomrodney's Avatar
    Join Date
    Nov 2004
    Eh....nothing comes to mind. Developers and the community have been trying hard to squish those bugs for the last few years

    I would imagine a good approach would be more in line with attacking method used to configure the system. If people are running services they don't need as root, with poor passwords that's one way. I'm sure there are plenty of current vulnerabilities (positive!) but as they become known the community do work to eradicating these problems.

    A famous one was the forkbomb vulnerability in Mandrake a few years ago. Ulimit wasn't configured correctly so there was no limit on the number of processes a user could have. Maybe that could help?

  3. #3
    Administrator jayd512's Avatar
    Join Date
    Feb 2008
    It took me a while to remember it! But this is what you want: Damn Vulnerable Linux! It's based on DSL, so it goes along with your choice of a Deb based system. But it's actually built with all kinds of security holes on purpose.

    New users, read this first.
    New Member FAQ
    Registered Linux User #463940
    I do not respond to private messages asking for Linux help. Please keep it on the public boards.

  4. $spacer_open

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts