The Cyber Sandbox - Creating a Home Lab for Endless Exploration

The world of IT and security is constantly changing; without dedicating time to keep up, it can be easy to fall behind.


When I was in college our professors always made it a point to warn us that our field was constantly changing and would require a lot of continuous learning. I remember feeling confident and having no worries at all because I could not imagine a world where I wasn’t in the know on the latest technologies. Back then I was constantly tinkering, reading, and building something that kept me involved in everything from software development to infrastructure.

Fast forward 10 years and now I’ll hear developers or engineers talk about things I have never even heard of! Turns out as you get older it gets harder and harder to keep up on all of the cool new things if they aren’t directly related to your day job. The only thing in my way is me, so I decided to put some spare hardware to use and build out my home lab.

Hardware

When I first got into home labs I was all about hardware; I wanted a rack with multiple servers churning away, and all the blinking lights. Now my goal is as much power in as small a package as possible, and I think I have achieved that with my current setup.

Specs

Hardware    | Specification
Motherboard | Supermicro X10SDV-8C-TLN4f+
CPU         | Intel Xeon D-1537 (8c/16t)
RAM         | 128 GB (ECC)
Storage     | 1TB NVMe
OS          | Proxmox VE 8.2.2

This is the first time I will be diving deep into Proxmox, as I used to be a die-hard VMware user. I started my career learning ESXi 5.X and deploying HA clusters with vCenter, distributed switching, etc., and I spent years learning everything I could about VMware’s hypervisor products (I even wanted to work for them someday); after the recent events with Broadcom, though, I have definitely shifted away from that. Proxmox is also incredibly capable and feature-rich for being free, so I am excited to get more hands-on time with it.

Planning

I am treating this lab environment like any other system by thinking through goals and projects (requirements), design, and resource allocation. Even though I am the only one that will access it, I am also going to be thorough in my documentation. My home lab should be something that helps me improve my skills all around so I don’t want to get lazy or take shortcuts. I’ve started jotting down some initial plans and estimating resource allocation for the core services/design of the lab to get started.

I won’t hold myself to it or force myself through a change control process (I wanted to be thorough, not hate myself) because at the end of the day this is a lab and I anticipate things will constantly change and evolve. The foundation of the environment should remain relatively stable, however, to support the rest of the lab (authentication, DNS, etc.).

Projects and Goals

Project | Why
Deploy a SIEM | I’ve worked a little with SIEMs in the past, but I haven’t spent time deploying and configuring one, so this is an important exercise.
Deploy k8s | Kubernetes is increasing in adoption and admittedly my knowledge of containerization stops at Docker. I am excited to dive deep into k8s.
Implement Ansible/Terraform | With the world moving into containerized workloads and cloud-based environments, infrastructure as code plays a huge role in rapid deployment. I have no experience here, and it’ll be valuable also from a security perspective to understand the threat landscape.
Implement Zero Trust | I understand it from a technical/architecture perspective, and I have used it, but I have never designed and implemented it. This one is more for fun, just to get hands-on.
NIST 800-171 Compliance | This one is a little crazy, I get that, especially because in most of my career roles this is what I invest a lot of time on. My goal here is to get as close to a perfect score on the 800-171 assessment as possible and build out templates to share for control tracking, SSPs, policies, etc.


What’s next?

As of now, the hardware is assembled in a nice little case, Proxmox has been installed, and I have done some basic initial setup. Next I need to deploy OPNsense and configure the virtual networks and then build out my domain controllers and configure Active Directory. I think my first project will be deploying Wazuh to get my SIEM/XDR up and running. I plan on making posts along the way so be sure to check back in!