Hack Labs: The benefit of having your own
Like every IT pro out there, you know that with technology changing daily, it’s a constant game of catch-up. New platforms, applications, and security technologies are all coming out at a rampant pace. But your boss has you laser-focused on only the subset that they believe will benefit the organization.
What about those of you concerned with security, who want to test out either the latest hacking tools to better understand your enemy, or advances in solutions designed to protect your company’s network – because we all know reading about it just isn’t the same as getting your hands dirty, right?
So how are you supposed to gain first-hand knowledge of the latest tech (good and evil) and put it to the test if you are never given the time and resources?
The answer lies in taking matters into your own hands and building yourself a Hack Lab. Some call it a Home Lab, but doesn’t it sound cooler if you call it a Hack Lab? It does, right? I’m calling it a Hack Lab.
If you’ve never had one, you probably have a few questions. I’ll do my best to proactively guess and answer them here.
Why Do I Need a Hack Lab?
There are quite a few reasons for building one. For some of you, it’s more for personal use – it could be to help you with that next certification, or to learn about a new technology or application in lieu of formal technical education. For others, it’s more along the lines of the reasons I started this article with – you need an environment in which to play with the latest tech and familiarize yourself with it. If you don’t have a Hack Lab at work, and, say, you’re in charge of your company’s virtual infrastructure, you’re still somewhat responsible for checking out container technology to see if it’s a viable option for the company. Same goes for network security – you still need to be the master of every method and tool your enemy may use.
Sure, sure – your company is supposed to pay for all this and have it available to you, but I know from my many years in the corporate world, it’s tough to add a line in the IT budget entitled “equipment to play with.”
So, like countless others, you may need to go this one alone and just build one yourself.
What Equipment Needs to be a Part of my Hack Lab?
Great question. The simple answer – it depends. If you’re in that “I want to educate myself” bucket, you need those components that make up the environment you need to learn about. If you are interested in micro-segmentation with VMware NSX, then you just need a copy of ESXi and a few guest OSes and you can be off to the races. But if you’re looking to do pen testing, you might need a switch, or some other physical networking component. No two Hack Labs are exactly the same. But there are some common components you’ll find in most labs:
- Virtualization – Most labs require flexibility so you aren’t stuck working within a single network scenario. Plus, this keeps your hardware costs lower, since none of us is rolling in dough. As for a hypervisor vendor – labs run the gamut – ESXi, Hyper-V, Oracle, XenServer, you name it. Go with what you’re comfortable with, but make sure any host hardware is on the corresponding virtualization vendor’s HCL.
- Backups – This is a network you’re building… and we all know cardinal rule #1. Back it up. It’s recommended that you back up to separate storage so that you aren’t toying with space dedicated to VMs to back up those same VMs.
- Networking – Some of you may actually want/need/require some physical routers, firewalls, switches, etc. To keep costs down, I’d suggest taking a look on eBay for used older equipment – it won’t be state-of-the-art fast, but it will get the job done.
- Software – You’re going to need Operating Systems, enterprise server applications, client apps, tools, etc. And none of that is free. Evaluation media does a nice job of giving you the full feature set (you’re just going to need to reinstall every so often). Another option is older versions sold on eBay. Sure, there may be some legal issues (and I’m not one to sweep that under the rug), but do keep in mind, you’re not using any of this for production, just testing. For example, an old copy of Windows Server 2003 could very well be sufficient to host whatever application you need to test. Yes, it’s no longer supported, but you’re not looking for support anyway.
- Power – Having some level of power redundancy (so you don’t corrupt any part of the environment) is necessary. Choosing a solid, but inexpensive, UPS should be part of your plan.
Remember, this list completely depends on what you want to do. Some labs are designed around wanting to replicate a specific physical network configuration, while others just need to run a copy of Exchange 2016 and Active Directory. Also, this list isn’t exhaustive by any means. I’m simply trying to point those of you who are new to setting up a VM Hack Lab in the right direction.
How do I Set Up the Lab?
I’m assuming you’ve got the hardware part down pretty well, so this is more about setting up and configuring any virtualization you may need. In trying to answer this, please do keep in mind that each one of you has a different objective, an opinion on which hypervisor to use, a list of “must have” tools, etc. So I can’t put a step-by-step here. I did find a few great links on building a Hack Lab for free, along with a plethora of sites with instructions on how to get old versions of apps, etc. (but I’ll let you find those for yourselves…)
There are no Hack Lab police that will come if you don’t build something elaborate; build the network that meets your needs with what you can afford. Today it may just be two physical servers and a KVM switch, but tomorrow, it may be much, much more.
And remember… your Hack Lab is about a purpose, not a definition. Determine your purpose and the lab will begin to define itself.
Now get to work!