Building Your Cybersecurity Home Lab

If you want to get started in the cybersecurity field, or just brush up on your skills, one of the best things you can do is build a home lab. This can be a great way to learn new tools and techniques, and to practice your skills in a safe environment.

Let’s review why you should set up your own home lab, plus go over some specifics on how to do just that.

Why you need a home lab

Building a home lab is something that career-minded individuals should consider taking on. Not only does it provide hands-on experience with setting up and troubleshooting digital systems, but stockpiling the knowledge associated with home labs can make you incredibly appealing to tech hiring managers during interviews.

Employers of all kinds often look for passionate engineers who have dedicated time to becoming certified while pursuing their career. Home labs are a great way for prospective hires to show they have already taken this initiative and have the background needed to be hired.

Almost every cybersecurity hiring manager is going to ask you about your hands-on experience with technical tools. You can round out any on-the-job experience you have with installing and running these tools by exploring them in your home lab.

How to get started with your lab

Getting started on any lab work can be intimidating, especially if you don’t have a lot of experience. But don’t let that discourage you. Here are some tips to get your lab up and running.

First and foremost, plan out your lab based on the job you want. If you’re pursuing a career in penetration testing or bug bounty hunting, then your lab should include tools specifically designed to compromise vulnerable systems and applications. But if you’re pursuing a career as a SOC analyst, your lab should include tools designed to detect and defend against potential attacks.

One of the ways you can plan out your lab is by creating a mind map using a tool like Xmind. In the center of the map, name that node after the job you want. Then begin adding nodes based on the types of tools that you’ll be expected to use in that role.

Next, you can turn to sites like Indeed or LinkedIn Jobs to search for job descriptions that mention the tools you’ll be expected to know.

For example, a job description for a SOC Analyst is likely to include expectations that you’ve worked with a security information and event management (SIEM) system, antivirus (AV) or endpoint detection and response (EDR) tools, an intrusion detection system (IDS), and an intrusion prevention system (IPS). Add a node to your mind map for each type of tool you’ll likely be asked about during the interview.

At this point, your map might look something like this.

Now you’re ready to identify the specific tools you’ll want to install in your lab.

Selecting the hardware for your lab

Thanks to advances in virtual computing and cloud computing, it’s a lot easier to build out a home lab now than it was twenty years ago. Instead of building a physical network to tie multiple PCs together, you can now build out your home lab using virtual machines and cloud services.

First, you’ll want a computer with internet access, ideally one that’s capable of running multiple virtual machines. In line with Moore’s Law, computer hardware is evolving rapidly. Depending on when you read this article, you might be able to find faster tech at an even lower cost. Keep that in mind as you consider these specs.

When it comes to virtual machines, more RAM is better. 16 gigabytes would be good, but 32 gigabytes would be great. An SSD hard drive with at least 1 terabyte of storage will give you plenty of space to download and store an entire library of virtual machines. In terms of processing power, an Intel i7 or an AMD Ryzen 7 processor, something in the 1.5 GHz to 2.0 GHz range, would get the job done.

Software like VirtualBox and VMware Workstation Player lets you run one or more virtual machines on your physical computer.

Your home lab hardware is likely to be your biggest investment, but you can save money by watching for sales at your local Micro Center or by picking up a refurbished computer or laptop on eBay.

Selecting the software for your lab

When selecting the specific tools to install in your home lab, you’ll want to return to your mind map and add more details.

For each node that includes a tool type or category, you could start with a quick internet search on open source options. A SOC Analyst who wants to practice using SIEMs might install the ELK stack or AlienVault OSSIM. In the IDS/IPS space, they might install Snort or Suricata. If the job description references specific tools by name, even better.

Your mind map will continue to grow as you identify tools that are popular in each space.

Before installing this software, though, you’ll need a virtual machine to install it on. You can download Windows evaluation virtual machines from the Windows Dev Center, and you can download Linux virtual machines (such as Ubuntu images) directly from each organization’s website.

Special considerations

In the cybersecurity space, there are quite a few virtual machines that have been purpose-built for training and implementation alike.

Kali Linux might just be the most popular virtual machine in this space. Red teamers, penetration testers, and security researchers often rely on Kali to ramp up their hacking skills.

But it’s difficult to practice hacking without something to hack, right? That’s where Metasploitable 2 comes in. This deliberately vulnerable virtual machine from Rapid7 is designed to help folks learn how to use hacking tools like Metasploit.

If you want a virtual machine that contains guided cybersecurity tutorials, you can check out the Labtainers maintained by the Naval Postgraduate School Center for Cybersecurity and Cyber Operations. Where other virtual machines are built around specific tools, Labtainers are built around teaching you fundamental cybersecurity technical skills.

You could also visit VulnHub and explore their library of vulnerable virtual machines if you’re looking for even more virtual machines to practice with.
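
Deliberately vulnerable machines like these belong on a network that cannot reach your home LAN. The following is an added example, not from the original article: it checks the output of `VBoxManage showvminfo <vm> --machinereadable` for vulnerable VMs whose adapters are attached outside an internal or host-only network. The VM names and sample output are constructed for illustration.

```python
import re

# Attachment modes that keep a VM's traffic off the home LAN and the internet.
ISOLATED_MODES = {"none", "null", "intnet", "hostonly"}


def parse_vminfo(text):
    """Parse key=value lines from `showvminfo --machinereadable` output."""
    info = {}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if sep:
            info[key.strip().strip('"')] = value.strip().strip('"')
    return info


def exposed_nics(info):
    """Return [(nic, mode)] for adapters not on an isolated network."""
    return sorted(
        (key, mode) for key, mode in info.items()
        if re.fullmatch(r"nic\d+", key) and mode not in ISOLATED_MODES
    )


def audit(vm_dumps, vulnerable_names):
    """Map each vulnerable VM to its exposed adapters (empty list means OK)."""
    report = {}
    for text in vm_dumps:
        info = parse_vminfo(text)
        if info.get("name") in vulnerable_names:
            report[info["name"]] = exposed_nics(info)
    return report


# Constructed sample output (not captured from a real host).
SAMPLE_BRIDGED = 'name="Metasploitable2"\nmemory=512\nnic1="bridged"\nbridgeadapter1="eth0"\nnic2="none"\n'
SAMPLE_ISOLATED = 'name="Metasploitable2-lab"\nnic1="intnet"\nintnet1="labnet"\nnic2="none"\n'
SAMPLE_KALI = 'name="Kali"\nnic1="nat"\nnic2="intnet"\nintnet2="labnet"\n'

if __name__ == "__main__":
    targets = {"Metasploitable2", "Metasploitable2-lab"}  # hypothetical VM names
    for vm, nics in audit([SAMPLE_BRIDGED, SAMPLE_ISOLATED, SAMPLE_KALI], targets).items():
        status = "OK (isolated)" if not nics else f"EXPOSED via {nics}"
        print(f"{vm}: {status}")
```
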

From a defender’s perspective, a number of the tools you’ll want to try in your home lab offer standalone virtual machines as a deployment option. You can check out AlienVault’s OSSIM installation process as one example of this.

Put your lab to good use

A home lab provides you with plenty of opportunities to learn about security and hone your skills without putting you (or any production systems) at risk. You can get started with just a laptop and some free and/or open source software.

And if you follow Simplifying Cybersecurity on LinkedIn, you’ll see posts from time to time that provide additional insights into expanding your home lab.

— — —

Connect with Jerod on LinkedIn and mention Simplifying Cybersecurity, and he’ll message you with a link to a FREE cybersecurity training class!