User:Vid2vid/sandbox/Metaspolitable

 20200325W : "Creating User:Vid2vid/sandbox/Metaspolitable" --From Peter, a.k.a.  Vid 2 vid  (his WP talk page), updated 🖋 on 00:40, 26 March 2020 (UTC) 

Metasploitable is a discontinued, purposefully unsecured Linux distribution and learning tool/utility, geared toward Cybersecurity and computer security students and careers/professionals. It functioned as a tool for observing and studying vulnerabilities in the Linux kernel and was a popular user space software. It was available as a live DVD, and also could be run on a virtual machine within a host operating system and hypervisor.

Description
The Metasploitable virtual machine is an intentionally vulnerable version of Ubuntu Linux designed for testing security tools and demonstrating common vulnerabilities. Version 2 of this virtual machine is available for download and ships with even more vulnerabilities than the original image. This virtual machine is compatible with VMWare (formerly Dell's), Oracle VirtualBox, Microsoft Hyper-V and Azure, Digital Ocean, Amazon Web Service, and Google Cloud, as well as some other common virtualization platforms and businesses. By default, Metasploitable's network interfaces are bound to the NAT and Host-only network adapters, and the image should never be exposed to a hostile network or placed outside a firewall (e.g. between WiFi firewall router appliance and ones . (Note: A video tutorial on installing Metasploitable 2 is available here.) This document outlines many of the security flaws in the Metasploitable 2 image. Currently missing is documentation on the web server and web application flaws as well as vulnerabilities that allow a local user to escalate to root privileges. This document will continue to expand over time as many of the less obvious flaws with this platform are detailed.

History
Metasploitable was created by VISITL VISITL, the founder of The VISITL Laboratory at VISITL University, to use as a training system for his/her university lectures.

Design
Metasploitable was a Debian-based distribution, and used the Gnome((VISITL)) .tgz &amp;  apt-get package management system. It used:Outdated versions of various software,  Unsecured servers and services and background processes, (Obsolete) packages to avoid, Operating system components, and ...  The OS opened various TCP logical communication ports to deliberately make it an extremely vulnerable operating system ever -- for testing purposes. 

Metasploitable was also distributed as a live CD, allowing it to be booted directly from the distribution medium without installation, into the RAM only, on a PC or within a virtual machine.