A quick look into DVL 1.0 and what it has to offer.
When I first downloaded DVL I thought to myself, where are all of the tools? There are a few disassembly and related tools in the menu but none of your standard hacking tools such as nmap, metasploit, etc… It is not until you couple the live distribution with the tutorial videos that everything comes together. After watching the videos you get a taste of what DVL has to offer and what you have to look forward to in the future. The DVL staff recognized that most of the tutorials on the Internet were either hard to follow, didn’t work, or were just too advanced for many users. They packaged Tools, Workbooks, Text Tutorials, and Exploits into one easy to use live distribution then took the extra step to create their own video tutorials.
DVL can be categorized as a learning distribution which will most likely be paired with OWASP LabRat and Hackin9. The main difference in LabRat is that it is being purpose built for web application security and OWASP tools. Hackin9 is also a great learning CD but only if you get the CD with the magazine. The downloadable ISO does not contain all of the tutorials which are in the magazine version. To the best of my knowledge there are no other live security distributions made specifically for learning. BackTrack, nUbuntu, Knoppix-STD, and others are built for security professionals to use on their own. They can be used for learning but were not purpose built for that task.
Students, Hobbyist, and professionals should all enjoy the challenges presented in DVL. There are enough lessons to keep users busy without overwhelming them. As long as the DVL staff can continue to put out tutorials and lessons at a steady pace, DVL will be a great learning tool. Based on the DVL websites and the other sites which they link to, I would venture to guess that most releases and updates to DVL will be related to reverse engineering, disassembly, and a few web exploits like those in the current release.
The one thing that sets DVL apart the most is the focus on buffer overflows and disassembly. Disassembly is often talked about in conjunction with buffer overflows and reverse engineering. Disassembling is when someone breaks down a program into the assembly language for further analysis. By doing this, users can analyze code at a very low level and look for security issues. No other distribution currently available provides the same level of educational insight into these areas. There have been many excellent papers on the subject over the years, such as: Smashing the Stack for Fun and Profit, but these generally don’t come with learning tools in a self contained, easy to use environment.
Overall DVL is a great learning distribution, especially for people with an interest in disassembly and buffer overflows. I truly hope to see the staff release more free video tutorials and keep the distribution updated so that followers always have something new to learn. If the free version is not enough they have a commercial version which appears to supply more challenges.