Home lab

1. Overview of the Home Lab Setup

The goal of this home lab is to create a versatile environment for learning, testing, and experimenting with cybersecurity tools, techniques, and network configurations. It includes virtualization, a pfSense firewall, VLANs, attack/scanning machines, Windows enterprise setups, vulnerable machines, and monitoring systems.

2. Hardware Used

  • Dell R730 Server: 256GB of RAM, 4x 1.2TB HDDs (RAID 5), and a 2TB NVMe drive.
  • Additional Hardware:
    • GPU for added processing power.
    • External USB SSD for initial Proxmox installation.
  • Old Laptops: Used for Kali Linux bare-metal installation.

3. Initial Setup of Proxmox

  1. Install Proxmox:
    • Booted from an external USB SSD to install Proxmox.
    • Configured the Proxmox environment and network settings.
  2. Resolved Storage Issues:
    • Initially struggled with the M.2 NVMe and SAS HDD drives not being recognized.
    • Reconfigured the NVMe drive to ensure the full 2TB was usable for local storage.
    • Set up RAID 5 for the 4x 1.2TB HDDs for redundancy and performance.

4. Network Configuration with pfSense

  1. Install pfSense:
    • Created a virtual machine in Proxmox to install pfSense.
    • Assigned two network interfaces for WAN and LAN connectivity.
  2. Configure VLANs:
    • Defined VLANs to segment the network:
      • Scanning/Attack LAN: Isolated network for Kali and Nessus.
      • Windows Enterprise Environment: For Windows Domain Controller and clients.
      • Vulnerable Machines LAN: For Metasploitable 2, DVWA, and VulnHub VMs.
      • Monitoring/Utility LAN: For Wazuh, Docker instances, and Portainer.
  3. Set Firewall Rules:
    • Configured VLAN-specific rules to ensure proper isolation and secure communication between VLANs.

5. Virtual Machines and Environments

  1. Scanning/Attack Environment:
    • Kali Linux: Installed and used for penetration testing and network scanning.
    • Nessus: Installed for vulnerability scanning.
  2. Windows Enterprise Environment:
    • Server 2019 Domain Controller: Configured Active Directory, DNS, and Group Policy.
    • Windows 10 and Windows 11 Clients: Joined to the domain for testing group policies and other enterprise scenarios.
  3. Vulnerable Machines:
    • Metasploitable 2: Installed for exploitation practice.
    • DVWA and bWAPP: Deployed through Docker for web application security testing.
    • VulnHub Machines: Imported vulnerable VMs for various CTF challenges.
  4. Monitoring and Logging:
    • Wazuh: Installed to monitor the environment and detect potential security issues.
    • Ubuntu with Docker and Portainer: Hosted Docker containers running DVWA, WebGoat, and other utilities.

6. Enhancements and Optimizations

  1. Added GPU:
    • Integrated the GPU into the Dell R730 for enhanced processing power during resource-intensive tasks.
  2. Configured Proxmox Storage:
    • Ensured the NVMe drive was optimized for local storage.
    • Set up RAID 5 for increased storage reliability.
  3. Fine-Tuned VLAN Communication:
    • Adjusted pfSense firewall rules to allow specific inter-VLAN communication where necessary.
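
An added example (not the lab's actual configuration) that models the inter-VLAN rules from sections 4 and 6 as first-match lists per ingress interface, which is how pfSense evaluates them, and audits them against an intended flow matrix. The subnets, the Wazuh manager address, the intended flows and both rule sets are constructed assumptions.

```python
import ipaddress as ip

# Constructed addressing; the page names the VLANs but not their subnets.
VLANS = {"attack": "10.10.10.0/24", "windows": "10.10.20.0/24",
         "vuln": "10.10.30.0/24", "monitor": "10.10.40.0/24"}
WAZUH = "10.10.40.10/32"   # hypothetical Wazuh manager; agents report on 1514/tcp
ANY, LAB = "0.0.0.0/0", "10.10.0.0/16"

# Intended inter-VLAN flows (assumed policy): (source VLAN, destination VLAN, port or None = any).
INTENDED = {("attack", "vuln", None), ("attack", "windows", None),
            ("windows", "monitor", 1514), ("attack", "monitor", 1514)}

# Rules per ingress interface as (action, destination, port); None matches any port.
LOOSE = {
    "attack":  [("pass", VLANS["vuln"], None), ("pass", VLANS["windows"], None), ("pass", WAZUH, 1514)],
    "windows": [("pass", WAZUH, 1514), ("pass", ANY, None)],   # internet rule also reaches other VLANs
    "vuln":    [],                                             # nothing leaves the vulnerable LAN
    "monitor": [("pass", ANY, None)],
}
# Same rules with a block for the lab range placed above each broad pass rule.
TIGHT = dict(LOOSE,
             windows=[("pass", WAZUH, 1514), ("block", LAB, None), ("pass", ANY, None)],
             monitor=[("block", LAB, None), ("pass", ANY, None)])

def decide(rules, src, dst_ip, port):
    """First matching rule on the ingress interface wins; no match means block."""
    for action, net, rule_port in rules[src]:
        if ip.ip_address(dst_ip) in ip.ip_network(net) and rule_port in (None, port):
            return action
    return "block"

def audit(rules, ports=(22, 1514)):
    """Probe host .10 of every other VLAN and return flows that differ from INTENDED."""
    findings = []
    for src in VLANS:
        for dst, cidr in VLANS.items():
            if src == dst:
                continue  # same-VLAN traffic is switched and never reaches the firewall
            host = str(ip.ip_network(cidr).network_address + 10)
            for port in ports:
                want = (src, dst, None) in INTENDED or (src, dst, port) in INTENDED
                got = decide(rules, src, host, port) == "pass"
                if want != got:
                    findings.append((src, dst, port, "pass" if got else "block"))
    return findings

if __name__ == "__main__":
    for name, rules in (("loose", LOOSE), ("tight", TIGHT)):
        print(name, audit(rules))
```

The loose set shows the common ordering mistake: a broad pass rule meant for internet access also matches the other lab subnets unless a block for those ranges sits above it.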

7. Lessons Learned and Next Steps

  1. Challenges Faced:
    • Initial Proxmox installation issues with storage drives.
    • Configuring pfSense VLANs and inter-VLAN communication.
  2. Next Steps:
    • Expand the lab to include SIEM tools like Splunk for advanced monitoring.
    • Integrate more CTF scenarios for practice.
    • Experiment with automation tools like Ansible to streamline configurations.