Announcement

Collapse
No announcement yet.

Home security labs... who has them?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Home security labs... who has them?

    OK... I have a question for the community but I need to start with a little history first.

    For the past few years I have had a lab in my home where I can work on coding and learning new stuff. It started pretty small with just a workstation but over those years I managed to bring home a metric ton of stuff that either work was throwing away or people sat out to the trash that I could not pass up (computers, monitors and cables etc).

    I recently moved from my old crap house into a smaller apartment and decided to go through all my gear and setup a new lab space to work in. I found I had a ton of stuff to setup a nice lab space and still had plenty to share with friends who needed gear (sorry all gone). However I had some questions about how to build the lab. Specifically what OSes I should run and should I be doing more with VMware (going to happen) or just keep adding more gear and raising my power bill.

    My new lab space now has the following:

    2 - 4' wheeled computer racks with glass doors
    2 - Cisco 2900 xl switches
    1 - Cisco 2600 router with 2 10 meg ethernet interfaces and 1 10/100 interface
    1 - Cisco 1710 router with 2 10 meg ethernet interfaces
    2 - Linksys WRT54G access points
    1 - Sun Ultra 40 with a terabyte of HDD and 8 gigs of ram
    1 - SPARC 10 server running Solaris 7
    2 - Dell servers (FreeBSD and Windows 2003 Web)
    2 - small Dell desktops (WinXP and Win7)
    2 - Laptops (Ubuntu and BackTrack 3)
    1 - Red cooler filled with beer and energy drinks (No room for refrig)
    1 - 14dB yagi for RF testing
    2 - 10dB omni's for RF testing
    1 - Tektronics osilliscope and solding station for hardware projects
    2 - dry erase boards for notes
    Tons of wifi cards, cables and other crap I cannot find space to store.

    This is still alot of computers running and I will probably be going through again to parse out some that can be dual booted or testing that can be done in VMware.

    OK... my question is do others on the board have lab spaces and how much space do they take in the house. Also, would others be willing to share data on their own lab spaces design (OS, hardware etc).

    I am asking this because I have been doing some research on the Googles and in various books about building labs. However it is always nice to hear from others in the community and see how others designed their lab space.

    So, thanks for your time and I look forward to all your comments.
    XS

  • #2
    Re: Home security labs... who has them?

    VMWare is a really nice way to reduce the amount of equipment you have and use, but it means the equipment you use needs to be better than most equipment people throw away, or give away.

    With VMWare, you can take a snapshot before each SP upgrade from MS, and then look to clone your VM several times for each release or change. Then, when you need a Pre SP[XYZ] machine or three, you can spawn a bunch of boxes in a VM with bridged NIC, and watch how they infect each other when a worm of some sort is introduced. What? Did you miss some traffic? Reset to snapshot and do it again.

    Same can be said for development, and examination of malware on a guest OS.

    But if you are planning to play with Windows 7 in a VM and you want to run a few copies, you'll probably want at least 2, quad core processores and from 4 to 16 GB of RAM for the host OS/hypervisor/ESX/whatever.

    As nice as VMWare is for the above mentioned items, it sucks with new hardware, and 3d accelerated graphics. They claim they have improvements in their new release, but I have my doubts.

    I've not used it, but I think VMWare also supports use of an Eclipse debugger with their workstation.

    If you plan on playing with some new accessory that has its own card and drivers, VMWare isn't likely going to help. For example, if you want to play with something like a PCI "WatchDog Card for WIndows" or maybe a session/desktop multiplier like http://www2.userful.com/ or another made by another company back in 1998 which used a PCI card, then a non-VM, physical server/system is the way to go.

    VM also make playing with switches and routers more difficult, unless the VM are on physically distinct host OS with their own NIC.

    The 2 biggest problem with a home lab are having enough power and dealing with heat/airflow. Beyond killing hardware, heat will force modern CPU to speed-step their way down to slowness. Exceeding the amp load on your circuit has obvious consequences.

    A good KVM could really make your life easier.

    Leaving space between each rack-mounted system may let you open up a system without removing it from the rack.

    Rails that allow you to slide a system out far enough to gain access to all hardware inside the system and out without removing it from the rack are also nice.

    A not-so-dumb power-strip that shows you how many amps are being consumed by all devices powered through it is also nice, but a bit expensive.

    If you are doing your own wiring for power, consider wiring for 220 to drop the number of amps consumed by each server.

    If you do not have a KVM, consider a cheap crash-cart. You could make one of these with stuff you find at a garage sale.

    HTH,
    -Cot

    Comment


    • #3
      Re: Home security labs... who has them?

      http://www.comstarinc.com/index.html

      Just found this the other day, though ebay may be cheaper.

      xor

      Yes cot is right, started with like 7 boxes, 0 laptops, 0 vm's. I'm now down to 2 boxes, 2 laptops, with 8 shared vm's. My electric bill is much happier.
      Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.

      Comment


      • #4
        Re: Home security labs... who has them?

        I have a little lab in my apartment that I use for school / research. It consists of :
        cisco 2900
        two boxes
        two laptops
        4 VMs on both boxes.
        I use the laptops mostly for school work, so one has Ubuntu, and one has Vista SP2

        For the VM's, I use Sun Microsystems Virtualbox. I like how it can dynamically expand when it needs to, so I dont have to worry as much.

        Comment


        • #5
          Re: Home security labs... who has them?

          we dont really have a lab at my school just chemistry class and there is no chemicals or test tubes at all.

          Comment


          • #6
            Re: Home security labs... who has them?

            Originally posted by h@ck@dy View Post
            we dont really have a lab at my school just chemistry class and there is no chemicals or test tubes at all.
            Let's keep this thread on track and relevant to home computer labs, 'k?

            I return whatever i wish . Its called FREEDOWM OF RANDOMNESS IN A HECK . CLUSTERED DEFEATED CORn FORUM . Welcome to me

            Comment


            • #7
              Re: Home security labs... who has them?

              Originally posted by xor View Post
              http://www.comstarinc.com/index.html

              Just found this the other day, though ebay may be cheaper.

              xor

              Yes cot is right, started with like 7 boxes, 0 laptops, 0 vm's. I'm now down to 2 boxes, 2 laptops, with 8 shared vm's. My electric bill is much happier.
              I've started going the virtualization route as well. I used to have a ton of hardware ranging from generic PCs to DEC and SPARC stations. I've now pared it down to only devices that fit in my rack and am doing a lot more virtualization of machines. Not only does it save on energy bills, but it also makes for a quieter workspace.

              Over at our hackerspace we have a badass 2U Dell box thats pretty much built for the purpose of virtualization and a large SAN device that can hold images. That seems to be the way to go for a lab setup.

              I return whatever i wish . Its called FREEDOWM OF RANDOMNESS IN A HECK . CLUSTERED DEFEATED CORn FORUM . Welcome to me

              Comment


              • #8
                Re: Home security labs... who has them?

                I have an older Rackable machine here that I got from Geeks that I run CentOS and VMware upon. I generally only run one VM at a time on it while I'm new software and such. Works pretty good for a sub $200 server.
                A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

                Comment


                • #9
                  Re: Home security labs... who has them?

                  Got a server for free from work and I'm working on putting some stuff together. Trying to decide what virtualization software to use. ESXi is free, but someone told me that I need to buy licenses to really use it. I'm looking at Xen too this weekend, so some research needs to be done. The box I'm using has two cores and 4gb of memory, it's garbage, but I figure it's enough to work with for now.

                  I have a Cisco 2600 I got from work, a few linksys wireless AP's for cracking, jailbroken iPhone with wishes for better tools, Eee with BT4 and all my friends and family have my number if I suddenly go off grid.

                  Still need to do a lot of research, but this is gonna be a thanksgiving weekend project. Thanks for posting this, I'm gonna keep an eye on this.
                  "As Arthur C Clarke puts it, "Any sufficiently advanced technology is indistinguishable from magic". Here is my corollary: "Any sufficiently technical expert is indistinguishable from a witch"."

                  Comment


                  • #10
                    Re: Home security labs... who has them?

                    I run 4 older boxen KVM'ed to a single work area virtualizing and mimicking various real-world configurations I've run across throughout the years. I like variety in my testing and research, and a controlled environment simulating environments in the wild is what I find best suited to my needs. I am, however, needing to do some digging to find out what I ultimately want to achieve. Also, I intend to replace all my test boxen with a moderate rackable system if for nothing other than space's sake. I run both VMWare and Virtual Box as my choice virtualization tools.
                    "You have cubed asscheeks?"... "Do you not?"

                    Comment


                    • #11
                      Re: Home security labs... who has them?

                      Mine is pretty junior at the moment but it works well for what I need. The home lab consists of mainly laptops that way I can move them all around easily if needed. I run two with Vista and one with XP. I utilize them with an 8 port hub so I can do penetration testing. This works ok to get a feel for metasploit and things like that. I also have a decent surge protector to avoid any big spikes in the power. Its a bit unstable where I am. Once I setup a bootable copy of knoppix Ill be able to do a little Linux testing as well :P Overall I have to say though that the small laptops are working great because of their ease in portability. For what it's worth Id say go with VMware when possible to save your power bill.

                      Comment


                      • #12
                        Re: Home security labs... who has them?

                        Don't want to underestimate the value of a nice VMware setup. The ease and speed with which you can configure networks is incredible. One moment I have a few disjointed VMs and the next I have a fully private network where I can lay out any attack I please without having to worry that anything is going to leave my private network. TheCotMan really said it, Snapshots are amazing. The ability to restore a VM to a working saved condition is a huge time saver. I can have 1 victim VM which gets compromised over and over and over again.
                        That said this is only good for generic attacks and poking around. If you're into really low level hardware hacking or trying to do driver work then good old dusty hardware is your friend. Sorry if it sounded like I am trying to pitch VMware or anything. It's just what helped me get my start into network security so I have a fond place for it.

                        Comment


                        • #13
                          Re: Home security labs... who has them?

                          Originally posted by g3k_ View Post
                          ESXi is free, but someone told me that I need to buy licenses to really use it.
                          For the purposes of a security lab it will work fine. You have to upgrade to full esx if you want to do stuff like vmotion, and the advanced esx stuff.

                          Comment


                          • #14
                            Re: Home security labs... who has them?

                            Originally posted by barry99705 View Post
                            For the purposes of a security lab it will work fine. You have to upgrade to full esx if you want to do stuff like vmotion, and the advanced esx stuff.

                            Awesome, thanks.

                            Does anyone know a good place to pickup some cheapish decent equipment? The box I got from work will piss me off eventually from slowness. Installing ESXi took forever and I'm not sure that it's even going to last me 4 months. (they were throwing it out for some reason)
                            "As Arthur C Clarke puts it, "Any sufficiently advanced technology is indistinguishable from magic". Here is my corollary: "Any sufficiently technical expert is indistinguishable from a witch"."

                            Comment


                            • #15
                              Re: Home security labs... who has them?

                              Originally posted by g3k_ View Post
                              Awesome, thanks.

                              Does anyone know a good place to pickup some cheapish decent equipment? The box I got from work will piss me off eventually from slowness. Installing ESXi took forever and I'm not sure that it's even going to last me 4 months. (they were throwing it out for some reason)
                              I got one of these recently, running CentOS 5.2 on it currently, works very well.
                              A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

                              Comment

                              Working...
                              X