DOCSLIB.ORG

Cybersecurity and Forensic Challenges - a Bibliographic Review

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cybersecurity and Forensic Challenges - a Bibliographic Review https://doi.org/10.2352/ISSN.2470-1173.2018.06.MOBMU-100 © 2018, Society for Imaging Science and Technology Cybersecurity and Forensic Challenges - A Bibliographic Review Reiner Creutzburg Technische Hochschule Brandenburg, Department of Informatics and Media, IT- and Media Forensics Lab,, P.O.Box 2132, D-14737 Brandenburg, Germany Email: [email protected] Abstract professional obligations on their learning processes. One can in- The aim of this paper is to give a bibliographic review of creasingly observe that colleges and universities more and more the growing number of different Cybersecurity and Forensic Chal- have to adjust to this present generation of students and respond lenges for educational and vocational training purposes. by increasing the flexibility of the courses. For this reason, on- Special attention is given to the hacking lab, which enables effec- line degree programs, or suitable combinations of classroom and tive training in cybersecurity and computer forensics in the uni- online studies (blended learning) are increasingly offered. It is versity environment and in vocational education and training. well-known that man learns about 80% of its knowledge and skills by informal learning compared to learning from formal learning. Introduction Unfortunately, often this fact is not taken into account by plan- Nowadays, small- and medium-sized enterprises (SME) ners and decision-makers from school, university and companies. have to deal more and more with the issue of IT security. Due A well-known example is the now already for 10 years success- to the ever-growing popularity of mobile devices, but also by the fully operating ”Virtuelle Fachhochschule (Virtual University)”, general acceptance of IT technology in everyday life, new secu- an association of 10 established Universities of Applied Sciences rity threats to corporate data occur every day [1-13]. in Germany and Switzerland [2]. A special feature applies to new Due to different terms and conditions within a company, students, who often have to start and face various ”entry level” there is no single security solution to counter all different threats. difficulties in a higher education experience. This can have var- In addition, dependent on the experience of the administra- ious causes (e.g. of a longer working period after high school, tors, devices and services may be misconfigured and thus open army and civilian activities, family situation, social status, career security vulnerabilities. changers, migration background, additional employment to earn Companies can protect themselves against such risks by as- money while studying, lack of student loan assistance, etc.). sessing using penetration testing to get an accurate analysis of the In order to help these students and to ease the entry to fa- threats and develop individual security concepts. However, there cilitate study and the associated intensive teaching and learning are two major challenges. How can companies be aware of the process, the following two projects were carried out [1]. importance of security inspections? How can a check be offered so inexpensive that even in the face of SMEs regular checks are Virtual Tutorials made possible? In this project not already well-known facts about online One solution is to completely automate the vulnerability and teaching should be explored, but rather are demonstrated, as addi- penetration tests and to reduce the necessary oral audits to an es- tional virtual online tutorials are successfully introduced into the sential minimum. With this approach, security audits could be undergraduate course Algorithms and Data Structures of the De- carried out efficiently and with reduced effort and businesses are partment of Informatics and Media of Applied Sciences Branden- encouraged to perform these important checks regularly. burg in order to give the opportunity to all students to better un- derstand the educational content of this course through a variety Introduction - Virtual University and Blended of complementary tools to deepen their knowledge and practice Learning with exercises. Nowadays there is a variety of virtual learning Nowadays, traditional educational institutions, such as pub- spaces, such as Adobe Connect, TeamViewer or iLinc [5]. The lic schools, colleges and universities and business organizations, University of Applied Sciences Brandenburg uses mainly the iL- use more and more the possibilities of electronic on-line train- inc software offered by the company netucate systems GmbH [3]. ing, the so-called ”e-Learning” [4]. Due to the growing world- This tool offers a number of opportunities to use learning mate- wide development of information, communication and computer rials and to interact with the students. The network performance technologies one can observe more and more acceptance of this and stability clearly showed that the use of virtual learning spaces kind of training opportunities in our society [1],[3],[7-21]. Not of Netucate with the iLinc software for online virtual tutorials is only is the global network of computers over the Internet and well suited and the performance is very good. The netucate sys- the versatility of digital media and products involved in the rise, tem allows the effective use of whiteboards, application sharing, but also the changing social conditions. Multimedia learning en- integrated browser and other features. We have introduced in the vironments are independent of space and time (see figures 1-5). undergraduate course on Algorithms and Data Structures a com- Thus, learners can decide flexibly despite their private, social and bination of classroom study and e-learning as a typical blended IS&T International Symposium on Electronic Imaging 2018 100-1 Mobile Devices and Multimedia: Enabling Technologies, Algorithms, and Applications 2018 learning scenario. It is important to mention here that the online ate programs in Computer Science, Medical Informatics, and Ap- tutorial will not replace your presence time in the university, but plied Computer Science (ACS) has been slightly improved from an additional structural support to individual learning processes. 2.9 to 2.6. The average grade of foreign students and students It allows students great flexibility, regardless of time and place with an immigrant background significantly improved from 3.3 they can deepen their thematic knowledge and their priorities. to 2.8. Particularly noteworthy is the improvement of the exami- Additionally, several Wikipedia books on specific topics on Al- nation results of female students in this group by more than one gorithms and Data Structures were created and corresponding an- grade from 3.4 to 2.2, which was apparently caused by the use of notated link lists for multimedia animations were added in the a female student as a tutor that had an extremely positive impact course site of the Moodle server (see Chapter 3). on the working atmosphere within the tutorials and virtual tutori- Additionally, for the digital recording of handwriting in the als. Conducted evaluation of the course based on the evaluation virtual learning space, a novel Bluetooth pen of the company forms of this form of learning revealed an overall rating of 1.7. Papershow [6] was available. This pen enables a vibrant de- Through the creation of lists of links, and appropriate integration sign of presentations, as handwritten notes, sketches or drawings of multimedia repository into Moodle pages FH Brandenburg and are transmitted in real time and significantly ”softer, smoother the Virtual High School, the sustainability of the project is saved. and more fluid handwriting” on the monitor screen in the virtual Therefore the project can “live” forever and must be kept up to learning space and works much better than conventional graphics date only with minimal effort from the teachers themselves. It tablets (digitizers, pen tablets) for writing. In addition, all tuto- is important to mention that it does not create any further costs. rials are recorded and made available free to all students at any Since the developed learning content is based on Wikipedia or time. Despite progressive developments in the electronic commu- free Internet content, now and in the future basically no copyright nications students always should feel that the teacher is present issues will arise [1]. during the entire virtual lecture and are accessible through inter- action. Summary In this paper we have described our experiences by using Creation of a Multimedia Repository virtual tutorials, Wikipedia books and multimedia-based teach- As part of this project, several multimedia repositories were ing in a course on Algorithms and Data Structures. We describe made on the individual topics of Algorithms and Data Structures our work, the benefits and success we gained from using virtual and made available to students online. These multimedia repos- tutorials held in Netucate iLinc sessions and the use of various itories consist of both new and custom-made Wikipedia books, multimedia and animation elements for the support of deeper un- Wikipedia links and on the other hand, of annotated list of links to derstanding of the ordinary lectures held in the standard class- selected interesting multimedia elements on the web. Wikipedia room on Algorithms and Data Structures for undergraduate com- books have the advantage that they allow a skillful selection of puter sciences students. The advantage of the use of Wikipedia available Wikipedia article in the Internet in a clever saved
Load more

Recommended publications
  • Damn Vulnerable Linux CCERT-PUBDOC-2007-04-190
    Damn Vulnerable Linux CCERT-PUBDOC-2007-04-190 Sigurnosni problemi u računalnim programima i operativnim sustavima područje je na kojem CARNet CERT kontinuirano radi. Rezultat toga rada ovaj je dokument, koji je nastao suradnjom CARNet CERT-a i LS&S-a, a za koji se nadamo se da će Vam koristiti u poboljšanju sigurnosti Vašeg sustava. CARNet CERT, www.cert.hr - nacionalno središte za sigurnost računalnih mreža i sustava. LS&S, www.lss.hr - laboratorij za sustave i signale pri Zavodu za elektroničke sustave i obradbu informacija Fakulteta elektrotehnike i računarstva Sveučilišta u Zagrebu. Ovaj dokument predstavlja vlasništvo CARNet-a (CARNet CERT-a). Namijenjen je za javnu objavu, njime se može svatko koristiti, na njega se pozivati, ali samo u originalnom obliku, bez ikakvih izmjena, uz obavezno navođenje izvora podataka. Korištenje ovog dokumenta protivno gornjim navodima, povreda je autorskih prava CARNet-a, sukladno Zakonu o autorskim pravima. Počinitelj takve aktivnosti podliježe kaznenoj odgovornosti koja je regulirana Kaznenim zakonom RH. Revizija v1.0 CCERT-PUBDOC-2007-04-190 Stranica 2 / 15 Sadržaj 1 UVOD .............................................................................................................................................. 4 2 OPĆENITO O DAMN VULNERABLE LINUX SUSTAVU .................................................................................. 5 2.1 SVRHA SUSTAVA..................................................................................................................................... 5 2.2
    [Show full text]
  • Debian \ Amber \ Arco-Debian \ Arc-Live \ Aslinux \ Beatrix
    Debian \ Amber \ Arco-Debian \ Arc-Live \ ASLinux \ BeatriX \ BlackRhino \ BlankON \ Bluewall \ BOSS \ Canaima \ Clonezilla Live \ Conducit \ Corel \ Xandros \ DeadCD \ Olive \ DeMuDi \ \ 64Studio (64 Studio) \ DoudouLinux \ DRBL \ Elive \ Epidemic \ Estrella Roja \ Euronode \ GALPon MiniNo \ Gibraltar \ GNUGuitarINUX \ gnuLiNex \ \ Lihuen \ grml \ Guadalinex \ Impi \ Inquisitor \ Linux Mint Debian \ LliureX \ K-DEMar \ kademar \ Knoppix \ \ B2D \ \ Bioknoppix \ \ Damn Small Linux \ \ \ Hikarunix \ \ \ DSL-N \ \ \ Damn Vulnerable Linux \ \ Danix \ \ Feather \ \ INSERT \ \ Joatha \ \ Kaella \ \ Kanotix \ \ \ Auditor Security Linux \ \ \ Backtrack \ \ \ Parsix \ \ Kurumin \ \ \ Dizinha \ \ \ \ NeoDizinha \ \ \ \ Patinho Faminto \ \ \ Kalango \ \ \ Poseidon \ \ MAX \ \ Medialinux \ \ Mediainlinux \ \ ArtistX \ \ Morphix \ \ \ Aquamorph \ \ \ Dreamlinux \ \ \ Hiwix \ \ \ Hiweed \ \ \ \ Deepin \ \ \ ZoneCD \ \ Musix \ \ ParallelKnoppix \ \ Quantian \ \ Shabdix \ \ Symphony OS \ \ Whoppix \ \ WHAX \ LEAF \ Libranet \ Librassoc \ Lindows \ Linspire \ \ Freespire \ Liquid Lemur \ Matriux \ MEPIS \ SimplyMEPIS \ \ antiX \ \ \ Swift \ Metamorphose \ miniwoody \ Bonzai \ MoLinux \ \ Tirwal \ NepaLinux \ Nova \ Omoikane (Arma) \ OpenMediaVault \ OS2005 \ Maemo \ Meego Harmattan \ PelicanHPC \ Progeny \ Progress \ Proxmox \ PureOS \ Red Ribbon \ Resulinux \ Rxart \ SalineOS \ Semplice \ sidux \ aptosid \ \ siduction \ Skolelinux \ Snowlinux \ srvRX live \ Storm \ Tails \ ThinClientOS \ Trisquel \ Tuquito \ Ubuntu \ \ A/V \ \ AV \ \ Airinux \ \ Arabian
    [Show full text]
  • Smashing the Stack in 2011 | My
    my 20% hacking, breaking things, malware, free time, etc. Home About Me Undergraduate Thesis (TRECC) Type text to search here... Home > Uncategorized > Smashing the Stack in 2011 Smashing the Stack in 2011 January 25, 2011 Recently, as part of Professor Brumley‘s Vulnerability, Defense Systems, and Malware Analysis class at Carnegie Mellon, I took another look at Aleph One (Elias Levy)’s Smashing the Stack for Fun and Profit article which had originally appeared in Phrack and on Bugtraq in November of 1996. Newcomers to exploit development are often still referred (and rightly so) to Aleph’s paper. Smashing the Stack was the first lucid tutorial on the topic of exploiting stack based buffer overflow vulnerabilities. Perhaps even more important was Smashing the Stack‘s ability to force the reader to think like an attacker. While the specifics mentioned in the paper apply only to stack based buffer overflows, the thought process that Aleph suggested to the reader is one that will yield success in any type of exploit development. (Un)fortunately for today’s would be exploit developer, much has changed since 1996, and unless Aleph’s tutorial is carried out with additional instructions or on a particularly old machine, some of the exercises presented in Smashing the Stack will no longer work. There are a number of reasons for this, some incidental, some intentional. I attempt to enumerate the intentional hurdles here and provide instruction for overcoming some of the challenges that fifteen years of exploit defense research has presented to the attacker. An effort is made to maintain the tutorial feel of Aleph’s article.
    [Show full text]
  • GNU/Linux Distro Timeline LEAF Version 10.9 Skolelinux Lindows Linspire Authors: A
    1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 Libranet Omoikane (Arma) Gibraltar GNU/Linux distro timeline LEAF Version 10.9 Skolelinux Lindows Linspire Authors: A. Lundqvist, D. Rodic - futurist.se/gldt Freespire Published under the GNU Free Documentation License MEPIS SimplyMEPIS Impi Guadalinex Clonezilla Live Edubuntu Xubuntu gNewSense Geubuntu OpenGEU Fluxbuntu Eeebuntu Aurora OS Zebuntu ZevenOS Maryan Qimo wattOS Element Jolicloud Ubuntu Netrunner Ylmf Lubuntu eBox Zentyal Ubuntu eee Easy Peasy CrunchBang gOS Kiwi Ubuntulite U-lite Linux Mint nUbuntu Kubuntu Ulteo MoLinux BlankOn Elive OS2005 Maemo Epidemic sidux PelicanHPC Inquisitor Canaima Debian Metamorphose Estrella Roja BOSS PureOS NepaLinux Tuquito Trisquel Resulinux BeatriX grml DeadCD Olive Bluewall ASLinux gnuLiNex DeMuDi Progeny Quantian DSL-N Damn Small Linux Hikarunix Damn Vulnerable Linux Danix Parsix Kanotix Auditor Security Linux Backtrack Bioknoppix Whoppix WHAX Symphony OS Knoppix Musix ParallelKnoppix Kaella Shabdix Feather KnoppMyth Aquamorph Dreamlinux Morphix ZoneCD Hiwix Hiweed Deepin Kalango Kurumin Poseidon Dizinha NeoDizinha Patinho Faminto Finnix Storm Corel Xandros Moblin MeeGo Bogus Trans-Ameritech Android Mini Monkey Tinfoil Hat Tiny Core Yggdrasil Linux Universe Midori Quirky TAMU DILINUX DOSLINUX Mamona Craftworks BluePoint Yoper MCC Interim Pardus Xdenu EnGarde Puppy Macpup SmoothWall GPL SmoothWall Express IPCop IPFire Beehive Paldo Source Mage Sorcerer Lunar eIT easyLinux GoboLinux GeeXboX Dragora
    [Show full text]
  • Practical Linux Topics
    Binnie BOOKS FOR PROFESSIONALS BY PROFESSIONALS® THE EXPERT’S VOICE® IN LINUX Practical Linux Topics Practical Practical Linux Topics This book teaches you how to improve your hands-on knowledge of Linux using challenging, real-world scenarios. Each chapter explores a topic that has been chosen specifically to demonstrate how to enhance your base Linux system, and resolve important issues. This book enables sysadmins, DevOps engineers, developers, and other technical professionals to make full use of Linux’s rocksteady foundation. Practical Linux Explore specific topics in networking, e-mail, filesystems, encryption, system monitoring, security, servers, and more—including systemd and GPG. Understand salient security concerns and how to mitigate them. Applicable to almost all Linux flavors—Debian, Red Hat, Ubuntu, Linux Mint, CentOS—Power Linux Topics can be used to reference other Unix-type systems Topics with little modification. Improve your practical know-how and background knowledge on servers and workstations alike, increase your ability to troubleshoot and ultimately solve the daily challenges encountered — by all professional Linux users. Empower your Linux skills by adding Power Linux Topics to your library today. Chris Binnie US . ISBN 978-1-4842-1771-9 Shelve in: 54999 Linux/General User level: Intermediate–Advanced 9781484 217719 SOURCE CODE ONLINE www.apress.com Practical Linux Topics Chris Binnie Practical Linux Topics Copyright © 2016 by Chris Binnie This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed.
    [Show full text]
  • January 2012 Slides .Pdf Format
    12 For 12 12 Things to Know/Try for a Better 2012 by Aaron Grothe Security+/CISSP/NSA IAM/NSA IEM Introduction 12 for 12? Goal is to provide a quick example of some tools/sites that you might not be aware of. Each one of them meets the following criteria: I found them cool/neat/useful :- ) Hopefully you will too Links are at the end of the talk Slides are already posted at the NEbraskaCERT website http://www.nebraskacert.org/csf Introduction (Continued) If you have questions/comments please feel free to ask them anytime. You don't have to hold them until the end of the talk. If there are other resources similar to these that you think might be useful to people please let the group know. Hopefully this will be an interactive and productive session. Security LiveCDs/USB Sticks Go back quite a ways - everybody seems to be doing a remaster of Ubuntu these days Couple of the better ones ● CAINE - One I'm mostly using right now ● OpenDiag - Simple/Easy great for resetting NT passwords ● Katana - Bunch of Tools in one package ● Backtrack - one of the standards ● BartsPE - Windows XP live cd maker Webgoat Quite simply if you want to learn about web application security here is where to start ● Provides a simple Tomcat environment that is setup insecurely ● Provides a set of lessons to get you started ○ Learn about messing around with Input parameters ○ Learn about SQL injections ● Used together with WebScarab (a web proxy), you can learn a lot about how to test security for websites ● This is horribly insecure.
    [Show full text]
  • Debian GNU/Linux Since 1995
    Michael Meskes The Best Linux Distribution credativ 2017 www.credativ.com Michael • Free Software since 1993 • Linux since 1994 Meskes • Debian GNU/Linux since 1995 • PostgreSQL since 1998 credativ 2017 www.credativ.com Michael Meskes credativ 2017 www.credativ.com Michael • 1992 – 1996 Ph.D. • 1996 – 1998 Project Manager Meskes • 1998 – 2000 Branch Manager • Since 2000 President credativ 2017 www.credativ.com • Over 60 employees on staff FOSS • Europe, North America, Asia Specialists • Open Source Software Support and Services • Support: break/fix, advanced administration, Complete monitoring Stack • Consulting: selection, migration, implementation, Supported integration, upgrade, performance, high availability, virtualization All Major • Development: enhancement, bug-fix, integration, Open Source backport, packaging Projects ● Operating, Hosting, Training credativ 2017 www.credativ.com The Beginning © Venusianer@German Wikipedia credativ 2017 www.credativ.com The Beginning 2nd Try ©Gisle Hannemyr ©linuxmag.com credativ 2017 www.credativ.com Nothing is stronger than an idea whose Going time has come. Back On résiste à l'invasion des armées; on ne résiste pas à l'invasion des idées. In One withstands the invasion of armies; one does not withstand the invasion of ideas. Victor Hugo Time credativ 2017 www.credativ.com The Beginning ©Ilya Schurov Fellow Linuxers, This is just to announce the imminent completion of a brand-new Linux release, which I’m calling the Debian 3rd Try Linux Release. [. ] Ian A Murdock, 16/08/1993 comp.os.linux.development credativ 2017 www.credativ.com 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 Libranet Omoikane (Arma) Quantian GNU/Linux Distribution Timeline DSL-N Version 12.10-w/Android Damn Small Linux Hikarunix Damn Vulnerable Linux A.
    [Show full text]
  • Ethical Hacking
    ISA 330 Introduction to Proactive System Security Week #1 Ethical Hacking Philip Robbins – August 31, 2013 Information Security & Assurance Program University of Hawai'i West Oahu 1 Ethical Hacking Topics • Introductions • Syllabus Review • Fundamentals of Ethical Hacking • Class Discussion • Tools • Security Resources • Review Questions, Q&A 2 Introductions Who am I? • Information Systems Authorizing Official Representative ‐ United States Pacific Command (USPACOM) ‐ Risk Management Field ‐ Assessments to USPACOM Authorizing Official / CIO • Former Electronics & Environmental Engineer • Bachelor of Science in Electrical Engineering • Master of Science in Information Systems • Ph.D. Student in Communication & Information Sciences • Certified Information Systems Security Professional (CISSP) and Project Management Professional (PMP) 3 Syllabus Class Textbook 4 Fundamentals “A locked door keeps an honest man out.” 5 Fundamentals • Introduction to Proactive System Security What this class IS about: An introductory course in adopting a proactive (v.s. reactive) stance towards systems security. What this class IS NOT about: An offensive class in hacking. How does one better understand how to defend against system security attacks? By performing and testing against them. 6 Fundamentals • In the news: Facebook CEO personal page hacked by Palestinian white hat. Chinese suffers largest internet attack in history. Syrian Electronic Army takes down the New York Times. http://www.cnn.com/video/data/2.0/video/world/2013/08/19/worldone‐clancy‐zuckerberg‐facebook‐security‐flaw.cnn.htm 7 Fundamentals • In the news: Facebook CEO personal page hacked by Palestinian white hat. Chinese suffers largest internet attack in history. Syrian Electronic Army takes down the New York Times. http://money.cnn.com/2013/08/26/technology/china‐cyberattacks/index.html 8 Fundamentals • In the news: Facebook CEO personal page hacked by Palestinian white hat.
    [Show full text]
  • M.Tech. Cyber Security Systems and Networks
    M.TECH. CYBER SECURITY SYSTEMS AND NETWORKS Amrita Center for Cyber Security Systems and Networks This M.Tech programme aims to train the students in the cyber security discipline through a well designed combination of courseware and it s application on real-world scenarios. The programme has a strong emphasis on foundational course such mathematics for security application, advanced algorithms, networks etc., in addition to diverse subject core areas such as cryptography, operating systems and security, cloud security, security of cyber physical systems etc. Students will be exposed to real-world problems, open-end problems and simulated real-life scenarios with active guidance from domain experts in this field. The programme will help the students to: 1. Comprehend the various security threats and vulnerabilities of the cyber world keeping in line with industrial trends. 2. Scale up to the demand from multiple industrial sectors on the cyber world to promote effective methods, practices and tools to counter the cyber crimes. 3. To be able to architect, design and implement fool-proof product line in the field of cyber security. Ultimately this programme will yield next generation cyber security leaders who can be successfully employed in various sectors of industries, business firms, Government departments, financial bodies, educational institutions, etc, and these sectors generate huge demand for well-trained, professional people to be employed on cyber security front and they are always on the look-out for professionally trained people
    [Show full text]
  • Debian Une Distribution, Un Projet, Des Contributeurs
    https://people.debian.org/~taffit/talks/2018/ Debian Une distribution, un projet, des contributeurs David Prévot <[email protected]> Mercredi 27 mars 2018 — Lycée Aorai Quelques dates ● Fondée par Ian Murdock (16 août 1993) ● Debian 1.1 Buzz (17 juin 1996) ● Principes du logiciel libre selon Debian (DFSG) (5 juillet 1997) ● Première DebConf à Bordeaux (5 juillet 2000) https://www.debian.org/doc/manuals/project-history/ This hostname is going in dozens of remote config files. Changing a kid’s name is comparatively easy! https://xkcd.com/910/ Quelques chiffres ● Plus de 50 000 paquets binaires ● Installateur disponible en 75 langues ● 10 architectures (amd64, i386, armel, armhf…) ● Des centaines de distributions dérivées (Tails, Ubuntu, etc.) ● Des milliers de contributeurs https://www.debian.org/News/2017/20170617 Répartition des développeurs https://www.debian.org/devel/developers.loc Distributions majeures et dérivées ● Une poignées de distributions Linux à la base : Debian, Red Hat Enterprise Linux, Slackware, Gentoo, Arch Linux, Android, etc. ● De nombreuses distributions sont dérivées des précédentes : Tails, Ubuntu ou Raspbian par exemple pour Debian 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 Libranet Omoikane (Arma) Quantian GNU/Linux Distributions Timeline Damn Small Linux Version 17.10 Damn Vulnerable Linux KnoppMyth © Andreas Lundqvist, Donjan Rodic, Mohammed A. Mustafa Danix © Konimex, Fabio Loli and contributors https://github.com/FabioLolix/linuxtimeline
    [Show full text]
  • Damn Vulnerable Linux
    A a p n u p d n r c iv o o e v m rs e d m it d e y l u r e r c i c in a tu g l t r ra e s in The Ultimate Vulnerable Operating System in g s! Based on the original DSL, the Damn Vulnerable Linux distribution provides with 150 MB of size an ultimate vulnerable operating system to address the many challenges of training the development of secure software systems. Free Simple and Small, Easy to start Damn Vulnerable Linux is an official free community Damn Vulnerable Linux is kept simple and small as driven project by IITAC – International Institute for possible. With no extensive grafical requirements it is Training, Assessment, and Certification. It is based on the even runnable on a low performance machine. With a free Damn Small Linux distribution. size of about 150 MB it does even fit on an USB stick – ready to go! Free RAM of 350 MB size is required only to run Damn Vulnerable Linux in memory. Damn Vulnerable Vulnerable Linux is extremely easy to start. Using a Damn Vulnerable Linux has been designed to be as much free virtual machine such as Xen or the free VMWare vulnerable as possible. With many pre-installed Player it can be booted within seconds - independant vulnerable and exploitable applications it provides the which platform you are using as base system. Without perfect environment to train IT-Security & IT-Anti- any need to install a new operating system. And if the Security missions.
    [Show full text]
  • Security Utilizing Multiple Options by Russ Mcree – ISSA Member, Puget Sound (Seattle), USA Chapter
    toolsmith ISSA Journal | May 2009 SUMO Linux: Security utilizing multiple options By Russ McRee – ISSA member, Puget Sound (Seattle), USA Chapter Prerequisites You might enjoy giving a listen to the February 27, 2009 SecuraBit Episdode 23 Bootable DVD reader for 1.0 (2.0 will include CDR &USB re- podcast5 where they interview Marcus leases) about the pending 2.0 release. Similar Projects Using SUMO Linux SystemResueCD1 Ultimate Boot CD2 A brief overview of each distribution Hopefully you’re familiar with at least one or two of the dis- tributions included with SUMO Linux: y RSS reader fed me a bit of toolsmith nirvana a 6 few of months ago, and I’ve been looking forward • The venerable Backtrack 3 is the top-rated live distribu- to sharing it with you ever since. tion dedicated to penetration testing M 7 SUMO Linux3 is the brain child of Marcus Carey of Sun Tzu • Darik’s Boot and Nuke (dban) is an extremely useful dis- Data in Washington, D.C area. As part of his DojoSec events tribution that securely wipes the hard disks of most com- and training program, Marcus found himself, and his stu- puters dents, frustrated with needing various tools from different 8 • DVL (Damn Vulnerable Linux) is described as the most Live CD distributions. Powering down, loading a new disc, vulnerable and exploitable operating system ever! and waiting until the new one comes up; annoying and trou- • Helix 2.0 (or 2008), a distribution dedicated to computer blesome to say the least. forensics, is sadly no longer freely available, another great SUMO Linux 1.0 is the genesis of that teaching experience – reason to make use of SUMO Linux.
    [Show full text]