<div>
Good to jote the testing done involving nessus with metasploitable too<br />
<a href="http://hackertarget.com/nessus-openvas-nexpose-vs-metasploitable/" rel="ugc">http://hackertarget.com/nessus-openvas-nexpose-vs-metasploitable/</a>
</div>


Good to jote the testing done involving nessus with metasploitable too
http://hackertarget.com/nessus-openvas-nexpose-vs-metasploitable/ [http://hackertarget.com/nessus-openvas-nexpose-vs-metasploitable/]

<div>
<div class="content wysiwyg-content">
Experts,<br />
<br />
For a small IT Service Management team I want to organize a small, hands-on workshop of 1 hour to teach the basics of scanning for vulnerabilities with Nessus and exploiting vulnerabilities, preferably with Metasploit. <br />
<br />
I'm looking for a particularly vulnerable version of Linux to include in the testlab. I've heard about Damn Vulnerable Linux, but then again I also heard that it is more tailored towards web application security.<br />
<br />
Any thoughts?
</div>
</div>


Experts,

For a small IT Service Management team I want to organize a small, hands-on workshop of 1 hour to teach the basics of scanning for vulnerabilities with Nessus and exploiting vulnerabilities, preferably with Metasploit. 

I'm looking for a particularly vulnerable version of Linux to include in the testlab. I've heard about Damn Vulnerable Linux, but then again I also heard that it is more tailored towards web application security.

Any thoughts?

Short workshop pentesting (Nessus/Metasploit) - how to build the lab?

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.

Vulnerabilities

IT Administration is the processes and best practices for programming and development, and incorporates methodologies for managing activities and projects. Common methodologies include waterfall, prototyping, iterative and incremental development, spiral development, rapid application development, extreme programming and various types of agile methodology. The life-cycle "model" is a more general term for a category of methodologies, and a software development "process" a more specific term to refer to a specific process chosen by a specific organization.

IT Administration

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.