Cybersecurity Lab Project

https://cybercademy.org/cybersecurity-homelab-project/

Spring 2020

Grant Collins

Cybersecurity HomeLab Project

Being able to apply what you are learning is always important when it comes to I.T. and cybersecurity. Without real-world application, it’s harder to understand how concepts are actually implemented in industry. By applying what you learn, you gain a fundamental understanding of how different components work together.

Real-world application takes all kinds of forms, ranging from hands-on projects to virtualized environments where you test out new approaches to a problem.

If you have been in the cybersecurity industry or have performed some research, you have most likely heard of building a “homelab.” Beginners are sometimes confused by what a homelab is or how to build their own version… In this project, I assume you are an absolute beginner.

What is a HomeLab in I.T. / Cybersecurity?

A homelab is an environment meant to simulate components of I.T. infrastructure, equipment, and configurations similar to a business or enterprise network.

The goal of a homelab is to understand the process of installing, configuring, and optimizing I.T. infrastructure at a relatively small scale so one can apply similar processes to a real-world business or enterprise network.

Homelabs range in complexity, some being completely virtualized while others have incorporated hardware. Although homelabs can appear to be complex and perhaps overwhelming to the beginner, they are relatively easy to outline with proper clarity. 

Cybercademy Homelab Project

For this cybersecurity homelab project, I will be building and simulating a business network with different components including:

  • Upgrading physical PC equipment (RAM and Hard drive) 

  • Installing Windows 10 image

  • Setting up VMware Workstation 15 Player

  • Configuring and working with Active Directory

  • Setting up and connecting Linux Desktop and Windows 10 Pro (Enterprise) VM images to AD

  • Configuring and securing Remote Desktop Protocol (RDP)

  • Setting up and working with Palo Alto PAN-OS 8

  • Setting up and working with the open source pfSense firewall

  • Building a small-scale VPN server (using OpenVPN)

  • Configuring a vulnerability scanner (Nessus) and simulating vulnerability scans

  • Configuring a Security Information and Event Management (SIEM) system with Splunk and logging events

  • Possibly more

To begin the Cybersecurity Homelab Project, I have first created a network topology of what I want my environment to look like after completion (this could be subject to change as I continue throughout the project). Creating this little network topology has helped me get a general understanding of what I am trying to do with this particular setup.

Network Topology

Topology Breakdown

Main PC

Upgrading physical PC equipment (RAM and Hard drive) 

Current Specs:

  • CPU: AMD 6300 6 core

  • RAM: G.Skill RipJaws X Series 8 GB DDR3 

  • Graphics Card: Sapphire Dual X Radeon R9 280 3GB

  • Motherboard: MSI 970a-g46

  • Hard Drive: Toshiba 2 TB 

  • Operating System: Windows 7 Home

Upgrades:

  • Hard Drive: 1 TB (new hard drive)

  • Operating System: Windows 10 

Installing Ubuntu Image

I will be installing a base version of Ubuntu Linux 18.04.4 LTS Desktop from the Ubuntu website.

Setting up VMware Workstation 15 Player

VMware Workstation 15 Player is free for home use. I will be using this service to create, configure, and maintain my VMs.

Configuring and working with Active Directory

My devices will be centrally managed by AD. To do this, I will be setting up an AD environment. I will be using Adam Heath’s video tutorial and walkthrough of setting up an AD environment.

Connecting Desktops

Setting up and connecting Linux Desktop and Windows 10 enterprise VM images to AD

Linux Desktop

I want to connect a Linux distribution to AD. The distribution will be Ubuntu Linux 18.04.4 LTS.

Windows 10 Pro (Enterprise)

I will also be connecting a Windows 10 enterprise VM to simulate an employee workstation. Download link is available on the official Microsoft website.

Securing Home Network with pfSense Firewall

Setting up and working with the open source pfSense firewall

Providing network segmentation for my home lab is important. To secure my home lab environment, I will be using the open source pfSense firewall / router. Download is available on the official pfSense website. I will be directly installing pfSense in VMware. I have linked a blog post to outline the process of creating a pfSense VM in VMware Workstation.

Configuring and Securing RDP

Configuring and securing Remote Desktop Protocol (RDP)

Remote Desktop Protocol (RDP) is a very popular service used in many enterprise networks to enable remote access and administration for computers and servers. Because of its popularity, RDP is often subject to attack, meaning it’s critical to take the necessary measures to ensure security. I will be configuring an RDP server as well as taking the necessary precautions to secure the server. The first link is a resource for enabling RDP. The second link introduces methods to secure RDP.

Setting up and working with Palo Alto PAN-OS 8

One precaution I will personally take to ensure security is to put the RDP server behind its very own firewall using Palo Alto PAN-OS 8. This also gives me the opportunity to configure and maintain a different type of firewall. I will be using a virtual image of PAN-OS 8, which I am not allowed to distribute. An introduction to PAN-OS 8 is provided with the following link.

Security Components

Building a small-scale VPN server

VPN servers are typically seen in enterprise networks where employees must remotely access company information. In this home lab, I will configure a small-scale VPN server using OpenVPN. The link includes information pertaining to setting up OpenVPN with VMware solutions.

Configuring a vulnerability scanner (Nessus) and simulating vulnerability scans

Vulnerability scanners offer a means of identifying and actively managing known vulnerabilities. Tenable Nessus is a popular vulnerability scanner used in all kinds of corporate networks. Nessus Essentials (previously known as Nessus Home) is a free vulnerability scanner you can use to scan up to 16 IPs. Since this homelab will be relatively small, I will be using Nessus Essentials as my vulnerability scanner.

Configuring a Security Information and Event Management (SIEM) system with Splunk and logging events

Security Information and Event Management (SIEM) systems are used to aggregate and correlate logged events and alerts into meaningful and actionable data so an organization can prioritize critical alerts. Splunk is a well-known SIEM solution within the industry. Splunk provides a free, lightweight version for at-home users to try out. I will be using this as my SIEM.

Let the Project Begin

The Cybersecurity Homelab Project will be a great learning opportunity to apply what I have learned through self-study and in the classroom. As always, this is the outline document and changes are likely to happen as I go throughout the process of building the lab. 

Sources 

How to set up a homelab from hardware to firewall: https://opensource.com/article/19/3/home-lab

Download Windows 10: https://www.microsoft.com/en-us/software-download/windows10

Download VMware Workstation 15 Player: https://www.vmware.com/products/workstation-player/workstation-player-evaluation.html

The Cyber Mentor – How to Build an Active Directory Hacking Lab: https://www.youtube.com/channel/UC0ArlFuFYMpEewyRBzdLHiw

Download Ubuntu Desktop: https://ubuntu.com/download/desktop

Download a Windows 10 virtual environment: https://developer.microsoft.com/en-us/windows/downloads/virtual-machines/

pfSense Download Center: https://www.pfsense.org/download/

pfSense VMware Workstation Introduction: https://www.vgemba.net/vmware/pfSense-VMware-Workstation/

How to enable Remote Desktop Protocol on Windows Server: https://documentation.online.net/en/dedicated-server/rescue/enable-windows-rdp

Securing Remote Desktop Protocol (RDP) for System Administrators: https://security.berkeley.edu/education-awareness/best-practices-how-tos/system-application-security/securing-remote-desktop-rdp

What’s New in PAN-OS 8: https://www.paloaltonetworks.com/products/new/new-panos8-0

Deploying the Access Server Appliance on VMware ESXi: https://openvpn.net/vpn-server-resources/deploying-the-access-server-appliance-on-vmware-esxi/

Nessus Essentials: https://www.tenable.com/products/nessus/nessus-essentials

Download Splunk Enterprise 8.0.2.1: https://www.tenable.com/products/nessus/nessus-essentials

Homelab Idea first inspired by Zach Hill from I.T. Career questions: https://www.youtube.com/user/PCSimplest

All icons provided by Flaticon:  https://www.flaticon.com

Sources subject to change as I go throughout the project. 
