DESIGNING a home lab
Author: Stefan Waldvogel
Keep your home lab as simple as possible
-under construction-
Ideas:
dfirmadness.com/building-a-siem-at-home/
github.com/watsoninfosec/ELK-SIEM
youtu.be/v8WFA9vc1EA -> very easy 8 minutes with Josh Mason
The first step is, you have to know what you want or need. The easiest lab has one VM and inside are other Docker containers with other operating systems. If You attend John Strand's basic SOC training (pay-as-you can) you get such a VM.
Ideas:
dfirmadness.com/building-a-siem-at-home/
github.com/watsoninfosec/ELK-SIEM
youtu.be/v8WFA9vc1EA -> very easy 8 minutes with Josh Mason
The first step is, you have to know what you want or need. The easiest lab has one VM and inside are other Docker containers with other operating systems. If You attend John Strand's basic SOC training (pay-as-you can) you get such a VM.
The next level could look like this:
Here, you have multiple machines and at least one attacker and one victim. The requirements are moderate, especially if you only run one victim.
Advanced labs:
If you want to integrate the blue side (defender) it gets quickly complicated. You need a firewall (pfSense) and you add "Security Onion".
Hint:
Do you need such a large lab for a SOC Analyst position? No!
If you can set up a full running home lab with red and blue tools and you know what you are doing, you are going into a Security Engineer position. You set up your blue tools and use the red tools to test your settings. If you saw your attack, great, if not you adjust the tools until you see the attack.
This is engineering....
My goal is to build a full working Cyber range with different tasks, so you can build your skills for free.
Advanced labs:
If you want to integrate the blue side (defender) it gets quickly complicated. You need a firewall (pfSense) and you add "Security Onion".
Hint:
Do you need such a large lab for a SOC Analyst position? No!
If you can set up a full running home lab with red and blue tools and you know what you are doing, you are going into a Security Engineer position. You set up your blue tools and use the red tools to test your settings. If you saw your attack, great, if not you adjust the tools until you see the attack.
This is engineering....
My goal is to build a full working Cyber range with different tasks, so you can build your skills for free.
|
|
© 2021. This work is licensed under a CC BY-SA 4.0 license