Like every IT Pro out there, you know with technology changing daily, it’s a constant game of catch-up. New platforms, applications, security technologies all coming out at a rampant pace. But, your boss has you laser focused on only a subset that they believe will benefit the organization.
What about those of you concerned with security, who want to test out either the latest hacking tools to better understand your enemy, or advances in solutions designed to protect your company’s network – because we all know reading about it just isn’t the same as getting your hands dirty, right?
So how are you supposed to gain first-hand knowledge of the latest tech (good and evil) and put it to the test if you are never given the time and resources?
The answer lies in taking matters into your own hands and building yourself a Hack Lab. Some call it a Home Lab, but doesn’t it sound cooler if you call it a Hack Lab? It does, right? I’m calling it a Hack Lab.
If you’ve never had one, you probably have a few questions. I’ll do my best to proactively guess and answer them here.
There are quite a few reasons for building one. For some of you, it’s more for personal use – could be for helping you with that next certification, learning about a new technology or application in lieu of formal technical education. For others, it’s more along the lines of the reasons I started this article with – you need an environment with which to play with the latest tech to better familiarize yourself. If you don’t have a Hack Lab at work, and, say, you’re in charge of your company’s virtual infrastructure, you’re still somewhat responsible for checking container technology to see if it’s a viable option for the company. Same goes for network security – you still need to be the master of every method and tool your enemy may use.
Sure, sure – your company is supposed to pay for all this and have it available to you, but I know from my many years in the corporate world, it’s tough to add a line in the IT budget entitled “equipment to play with.”
So, like countless others, you may need to go this one alone and just build one yourself.
Great question. The simple answer – it depends. If you’re in that “I want to educate myself” bucket, you need those components that make up the environment you need to learn about. If you are interested in micro-segmentation with VMware NSX, then you just need a copy of ESXi and a few guest OSes and you can be off to the races. But if you’re looking to do pen testing, you might need a switch, or some other physical networking component. No two Hack Labs are exactly the same. But there are some common components you’ll find in most labs:
Remember, this list completely depends on what you want to do. Some labs are designed around wanting to replicate a specific physical network configuration, while others just need to run a copy of Exchange 2016 and Active Directory. Also, this list isn’t exhaustive by any means. I’m simply trying to point those of you that are new to setting up a VM Hack Lab in the right direction.
I’m assuming you’ve got the hardware part down pretty well, so this is more about setting up and configuring any virtualization you may need. In trying to answer this, please do keep in mind, each one of you have a different objective, an opinion on which hypervisor to use, a list of “must have” tools, etc. So I can’t put a step-by-step here. I did find a few great links on building a Hack Lab for free, along with a plethora of sites with instructions on how to get old versions of apps, etc. (but I’ll let you find those for yourselves…)
There are no Hack Lab police that will come if you don’t build something elaborate; build the network that meets your needs with what you can afford. Today it may just be two physical servers and a KVM switch, but tomorrow, it may be much, much more.
And remember… your Hack Lab is about a purpose, not a definition. Determine your purpose and the lab will begin to define itself.
Now get to work!