Why a home lab?
As a cybersecurity professional (or any technical individual, for that matter), a home lab helps you truly understand the systems, networks and protocols that make up enterprise networks. With a base understanding of how things should work, you can then learn how to exploit systems in ways that shouldn't work.
The experience of creating, maintaining and using a home lab, with all the configuration and troubleshooting involved, will give you hands-on experience that you simply won't get from textbooks. Sure, home labs aren't the same scale as corporate environments, but you will be able to build, configure and test technologies that you shouldn't on production networks and systems. Unless you work for one of those companies where the production network IS the testing network (now that doesn't happen at all, does it?).
What's cool about having your own home lab:
- you can break whatever you want and you will only affect your systems and the time you take fixing it
- you can customize all of it, you don't have to accept a network or system that someone else has built, with all its idiosyncrasies and issues
- if you no longer want to work on a project, wipe it out and build something else, it's your technical cave
- want to try the new coolest Linux distro, latest Microsoft OS or some awesome PTP application? Just fire up a virtual machine and do it!
You may be asking, "Why don't you just spin up systems in the cloud? It's pretty cheap to do so." Well, in my line of administration work, I occasionally have opportunities to acquire used servers and devices for pretty cheap. Plus, I prefer to pay for something once and use it for a long time versus a recurring bill from a cloud provider every month. Don't get me wrong, I'm an advocate for the cloud since we use a lot of cloud services at my work, but personally, I like having the ability to connect to my systems at any time and pick up where I left off without worrying about CPU cycles eating into my wallet. Plus, I can run as many virtual machines as my hardware can handle (I've run around 50 or so at the same time in the past, imagine that AWS bill!). Like they say, the cloud is just someone else's computer anyways...
My Lab
In the beginning, I created my home lab as a way to learn Cisco networking. As more and more systems and devices have become virtual machines (VMs), my physical routers are gathering dust while my pizza box servers are the ones getting used. This is great for us technical heads, since less hardware is needed to accomplish our objectives. My home lab has evolved with my learning journey to whatever I have needed it to be.
My lab consists of the following systems:
- 2x Dell PowerEdge R720 systems
  - 2x 8-core CPUs, 192GB RAM, 3TB HD space, 2x 10Gb fiber network interfaces
- 2x HPE ProLiant DL360 G9 systems
  - 2x 12-core CPUs, 256GB RAM, 5TB HD space, 4x 10Gb fiber network interfaces
- 2x Cisco switches
  - 1Gb for management traffic, 10Gb for inter-server traffic
- 1x Avocent KVM (keyboard, video, mouse)
  - server consoles accessible from across the network
- 2x Power Distribution Units (PDUs)
  - power controls for all systems/devices from across the network
- 2x Linksys WRT-54G Wireless Access Points (WAPs)
  - older units for doing WiFi testing and attacks
Hardware for Beginner Lab
If you are just starting out with your home lab project, you can use just about any second system to start. Some have used an old laptop or desktop that was stored in a deep closet crevice as a first home lab system. If you have a pretty beefy laptop or desktop, you can run a virtualization program such as VMware Workstation (Windows) or VMware Fusion (macOS) to run a couple of VMs at a time.
If you have the itch for something bigger (home labs can be addictive), there are tons of systems for sale on eBay or Craigslist for a much reduced cost. A great deal can be had with patience and diligent looking.
What has worked for me in the past when looking for used servers is to first look for a base system for a decent price. A base system consists of the chassis, motherboard and power supplies. Most servers come with a CPU, RAM and a hard drive, but it may be very minimal. This isn't necessarily a bad thing. It's a starting point that you can build upon.
As time goes on and your needs increase (which they most certainly will), look into adding more RAM DIMMs, since memory is the main factor in how many VMs you can run simultaneously. CPU usage will often run pretty low for most VMs (depending on operating system), but memory will be consumed even if the VM's activity is minimal. Make sure you acquire RAM DIMMs that are compatible with your motherboard AND any current and future CPUs that you want to purchase. CPUs are particular about the number and types of memory DIMMs they are paired with, so shop carefully. Be aware that some systems can handle DIMMs of different sizes and speeds, but others may not. Do your research on the system vendor's documentation and website to avoid making an ill purchase.
Of course, who doesn't want more horsepower? Once you work out the details for your memory DIMMs, adding a second CPU should be next on the list. It's recommended that both processors are identical for maximum compatibility. In most cases, it's required that they be identical. Make sure the manufacturer, number of cores, clock speed, the stepping value and socket type are correct for your system's motherboard.
The next item usually is network interface cards (NICs) and possibly lots of them. Most server systems within the last ten years or so have at least two NICs integrated into the motherboard, but for inter-server networking, it's always helpful to have multiple network interfaces. Luckily, dual and quad-port Gigabit Ethernet cards are fairly inexpensive. 10 Gigabit fiber Ethernet cards can be pricey along with the associated cables, but they are coming down in price on the used market. Verify that whatever cards you purchase are compatible with the hypervisor you need to run. VMware ESXi is especially particular with this, so check your hypervisor's version compatibility list to be sure. Linux-based hypervisors are less prone to have compatibility issues, but use your Google-fu to reassure yourself.
This has been post 1 of a 4-part series on building a home lab. See the other parts for additional information.
Part 2 - Software