Setting up a home lab
Should you be lucky enough to be working in the computer security industry now, then you are well aware of the continual learning cycle. There seems to never be an end to the various concepts and tools that one should know how to use. That is not even mentioning the various operating systems out there. The use and administration of various operating systems alone is a job in itself. This is not even taking into account the various pieces of hardware that you should ideally be able to use. Another world indeed are hardware devices such as Cisco routers, switches, hubs, and the list goes on.
By the sounds of the list above you would think that you would be pretty busy twenty four hours a day already learning all of this stuff. You would be quite right in thinking that! The problem is though that the above mentioned areas of study are only some of the topics required to stay abreast of developments in the computer security world. Staying current with operating systems and hardware is only half the battle. What of the never ending exploits being released on an almost daily basis that could affect any of these components? If you are thinking that you need a home computer security lab to test these exploits out you would be quite correct indeed.
Quite a few security professionals that I know of possess only one computer at home and make do with that alone. The reality of it is that they really don’t take their work home with them. That is a conscious decision on their part, as they leave that world at the office. They do not want their jobs impacting their home life. For a great many of us though computer security is a passion, and it very much impacts our home life. Personally, I spent a great deal of my computer time at home when my wife and son go to bed. I get less sleep that way, but I do have a great deal of fun and learn along the way too. I realized though that I needed to have a home computer lab to facilitate my studies. What I shall describe below is what I would envision as a generic home computer lab setup.
Laying down the groundwork
Having a computer network at home to play with is essential in today’s world. Personally I would rather stay at home with a book in my lab and learn on my own. I am not rushed through specific class modules and can go at my own pace without worrying about a lab partner. What I will now do is list the various pieces of hardware and software that you should ideally have in your home.
First and foremost you should have a router for not only your Internet connection, but also for the ability to play with the IOS. Yes, you are right, I said IOS. In a perfect world you will have bought a Cisco router of some sort with a relatively new version of IOS on it. The Cisco router does not necessarily have to be the actual gateway to the Internet either. It can be on the inside of your network to allow you to configure it for RIP or OSPF. Learning how to configure and maintain a router is very important nowadays. Heck, some employers expect you to be able to do this at a minimum. So having an actual router like a Cisco gives you the ability to configure various routing protocols on it.
Cisco is like Microsoft
Well there is no getting away from Cisco really for your network infrastructure needs. They are very much the equivalent of Microsoft in that regards. They simply dominate the market. So with a Cisco router in our network it only stands to reason that we would also want to have a Cisco switch as well. The beauty of having such a managed switch is just that you can manage it. You will have the ability to actually manage your switch and for example setup a VLAN. Being able to read about a concept is vastly different from actually doing it. To truly learn something you actually need to do it. Only through hands on experience can you truly grasp the theory.
There are other benefits as well to having a Cisco router and switch integrated into your home lab. You will get to see all those broadcasts that go on in the background. Broadcasts such as DHCP and the Spanning Tree Protocol come to mind readily. It is all well and good to actually setup DHCP on your router, but I would say that you will not really understand till you have also analyzed the packets generated by it. There is also the TFTP protocol, which is used to store IOS images. So as you can see there are a great many benefits of actually having a real router and switch to play with. They will also serve to reinforce other security concepts.
Seeing is believing
You don’t really need to have half a dozen computers at home, which are all networked to get the most out of your lab. With the router and switch in place you can go ahead and buy several lower end computers to populate your lab with. This will give you the ability to also see how various operating systems can interoperate. For example, how Microsoft Windows and Linux can interact. It would be foolish of a person indeed to use only Windows and ignore Linux or BSD. You really do need to setup a Linux computer for cheap and ready access to tools like compilers and debuggers. Having such a Linux computer on your network will save you a very tidy sum of money that you would otherwise have to spend on a Windows compiler like Visual Studio.
Another important facet to having a Linux computer in your lab is that all of the best computer security tools out there today are written for Linux. There is no escaping that fact. Linux is simply easier to program for vice Windows convoluted way of doing things. So with your Linux computer you can play with tools such as Ettercap, HPing, Nessus, amongst many others. This is important to do for you need to understand the capabilities of these tools. Understanding how they work and what they do will greatly help you defend your Microsoft Windows networks.
Well we can see that buying serious networking gear like that offered by Cisco is very much worth the extra it will cost you over some SoHo equipment. There are tons of used Cisco gear out there, which can be had for a relatively cheap price. If you compare say the cost of $2,000.00 USD versus the cost of several formalized training courses you would be well ahead by simply setting up a home lab. Formalized training is great however for those of you on a budget, simply setting up a home lab is really the way to go. You can realistically make do with some used books and Google for your questions. With all that said, what should you really buy in terms of hardware and software? Well I would personally buy at least one Cisco router, two Catalyst switches, and four computers. Having all of this will allow you to simulate quite a few learning scenarios for the lowest price possible. Remember, your greatest assets are your curiosity and drive to learn. I sincerely hope you enjoyed this article, and as always welcome your feedback. Till next time!