Throughout my cybersecurity journey I've heard the saying "hands-on experience beats theory" about a hundred times. I've always followed this principle when learning something new. Whether it be CTFs or small security-related projects, I've had a blast taking on new challenges. However, there's one challenge that I've been eagerly waiting to take on until now.
After purchasing an old refurbished Dell tower desktop and installing Proxmox as my main OS, I'll finally be able to take on the unique challenge of building a home lab. To fully understand what it takes to secure a network, you've gotta do the real thing, and I have a feeling I'll end up learning a lot from this. Whether it be setting up a SIEM for SOC-related purposes, simulating attacks, or practicing incident response, there's so much to learn when building and tinkering with a home lab.
Cybersecurity Lab Architecture
Within this lab environment I plan on building out 5 separate networks:
Management Network - This is where my Proxmox administration and Internet access will sit.
Corporate Network - This will be a "production" environment with Active Directory. My main aim is to emulate a real corporate environment consisting of domain controllers, workstations, file servers, etc.
Security Tools Network - This is where most or all of my security tools will live. This network will include a SIEM, network monitoring, and my security infrastructure. I plan on incorporating tools such as Splunk, Wazuh, TheHive, MISP, and many more.
DMZ - This network segment will consist of vulnerable applications and exposed services. I'm thinking of introducing Metasploitable, DVWA, and exploitable web applications.
Red Team Network - This will be my isolated attack infrastructure, consisting of Kali Linux, attack tools, and C2 servers.
Data Flow
Project Goals
Technical Skills
- Configure enterprise security tools from scratch
- Write detection rules (Sigma, SPL, YARA)
- Analyze logs and network traffic for threats
- Conduct digital forensics investigations
- Automate security workflows with Python
- Understand common attack techniques and how to detect them
Analytical Skills
- Threat hunting methodology and process
- Incident investigation procedures
- Root cause analysis and prioritization
- Pattern recognition in security data
Soft Skills
- Technical documentation and report writing
- Communication of technical concepts
Next Steps
So far I've installed Proxmox and created network bridges for each of my segmented networks. On top of that, I've also downloaded the necessary ISOs for each operating system I plan on using in the lab.
Next up, I'll be installing pfSense for my firewall, which will allow me to understand how these segmented networks will communicate with each other.
If you'd like to follow along with my cybersecurity lab journey, please check out the GitHub repository I created for this project. There's not much in there right now, but I do plan on adding more as the project develops.
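For the five segments described above and the bridges just mentioned, here is an added example of how the Proxmox host's network file could look; it is not the author's own configuration. The NIC name (eno1) and the management address/gateway are assumed placeholders.

```text
# /etc/network/interfaces on the Proxmox host (added example, not the author's file).
# Assumptions: physical NIC is eno1; management address 192.168.1.10/24 via 192.168.1.1.
# vmbr0 bridges the NIC for Proxmox administration and the Internet uplink.
# vmbr1-vmbr4 have no physical port and no host address, so a VM on one of them
# can only reach another segment through the pfSense VM that holds a vNIC on
# every bridge; the hypervisor itself is not reachable from the lab segments.

auto lo
iface lo inet loopback

iface eno1 inet manual

# Management network (Proxmox web UI, SSH, Internet access)
auto vmbr0
iface vmbr0 inet static
        address 192.168.1.10/24
        gateway 192.168.1.1
        bridge-ports eno1
        bridge-stp off
        bridge-fd 0

# Corporate network (AD domain controllers, workstations, file servers)
auto vmbr1
iface vmbr1 inet manual
        bridge-ports none
        bridge-stp off
        bridge-fd 0

# Security tools network (SIEM, Wazuh, TheHive, MISP)
auto vmbr2
iface vmbr2 inet manual
        bridge-ports none
        bridge-stp off
        bridge-fd 0

# DMZ (Metasploitable, DVWA, other deliberately exposed services)
auto vmbr3
iface vmbr3 inet manual
        bridge-ports none
        bridge-stp off
        bridge-fd 0

# Red team network (Kali, C2); isolated from everything except via pfSense
auto vmbr4
iface vmbr4 inet manual
        bridge-ports none
        bridge-stp off
        bridge-fd 0
```

With this layout every inter-segment rule (for example, letting hosts forward logs to the SIEM while blocking the red team bridge from the corporate segment) is expressed once, in pfSense, rather than on the hypervisor.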
If you have any suggestions please leave them in the comments below!
Thanks for reading!