Setting up your home lab

Want to take your work home with you? Here's how.

Should you be lucky enough to be working in the computer security industry now, then you are well aware of the continual learning cycle. There seems to never be an end to the various concepts and tools that one should know how to use -- not even mentioning the various operating systems out there. The use and administration of various operating systems alone is a job in itself -- not even taking into account the various pieces of hardware that you should ideally be able to use. Another world indeed are hardware devices such as Cisco routers, switches, hubs, and the list goes on.

From the list above, you would think that you would be pretty busy 24 hours a day already learning all of this stuff. You would be quite right in thinking that! The problem, though, is that the above-mentioned areas of study are only some of the topics required to stay abreast of developments in the computer security world. Staying current with operating systems and hardware is only half the battle. What of the never-ending exploits being released on an almost daily basis that could affect any of these components? If you are thinking that you need a home computer security lab to test these exploits out, you would be quite correct indeed.

Quite a few security professionals possess only one computer at home and make do with that. The reality of it is that they really don’t take their work home with them. That is a conscious decision on their part, as they leave that world at the office. They do not want their jobs impacting their home life. For a great many of us, though, computer security is a passion, and it very much impacts our home life. Personally, I spend a great deal of my computer time at home when my wife and son go to bed. I get less sleep that way, but I do have a great deal of fun and learn along the way too. I realized though that I needed to have a home computer lab to facilitate my studies. What I'll describe below is what I would envision as a generic home computer lab setup.

Laying the groundwork

Having a computer network at home to play with is essential in today’s world. Personally, I would rather stay at home with a book in my lab and learn on my own. I am not rushed through specific class modules and can go at my own pace without worrying about a lab partner. There are various pieces of hardware and software that you should ideally have available in your home.

First, you should have a router for not only your Internet connection, but also for the ability to play with the IOS. That's right, I said IOS. In a perfect world, you will have bought a Cisco router of some sort with a relatively new version of IOS on it. The Cisco router does not necessarily have to be the actual gateway to the Internet either. It can be on the inside of your network to allow you to configure it for RIP or OSPF. Learning how to configure and maintain a router is very important nowadays. (Heck, some employers expect you to be able to do this at a minimum.) So having an actual router like a Cisco gives you the ability to configure various routing protocols on it.

Cisco is like Microsoft

There's really no getting away from Cisco for your network infrastructure needs. It is very much the equivalent of Microsoft in that regards -- it simply dominates the market. With a Cisco router in our network, it only stands to reason that we would also want to have a Cisco switch as well. The beauty of having such a managed switch is just that you can manage it. You will have the ability to actually manage your switch and, for example, set up a VLAN. Being able to read about a concept is vastly different from actually doing it. To truly learn something, you actually need to do it. Only through hands-on experience can you truly grasp the theory.

There are other benefits as well to having a Cisco router and switch integrated into your home lab. You will get to see all those broadcasts that go on in the background. Broadcasts such as DHCP and the Spanning Tree Protocol come to mind readily. It is all well and good to actually set up DHCP on your router, but I would say that you will not really understand till you have also analyzed the packets generated by it. There is also the TFTP protocol, which is used to store IOS images. As you see, there are a great many benefits of having a real router and switch to play with. They will also serve to reinforce other security concepts.

Seeing is believing

You don’t need to have half a dozen computers at home, all networked, to get the most out of your lab. With the router and switch in place, you can buy several lower-end computers to populate your lab. This will also give you the ability to see how various operating systems can interoperate -- for example, how Microsoft Windows and Linux interact. It would be foolish of a person indeed to use only Windows and ignore Linux or BSD! You really do need to set up a Linux computer for cheap and ready access to tools like compilers and debuggers. Having a Linux computer on your network will save you a very tidy sum of money that you would otherwise have to spend on a Windows compiler like Visual Studio.

Another important facet to having a Linux computer in your lab is that all of the best computer security tools out there today are written for Linux. Linux is simply easier to program for, as opposed to Windows' convoluted way of doing things. With a Linux machine on your network, you can play with tools such as Ettercap, HPing, Nessus, among many others. Understanding how these tools work and what can do will greatly help you defend your Windows networks.

Summing up

You see that buying serious networking gear like that offered by Cisco is very much worth the extra cost. There's tons of used Cisco gear out there, available for a relatively cheap price. If you compare, say, the setup cost of $2,000 versus the cost of several formal training courses you would be well ahead by simply setting up a home lab. Formalized training is great; however, for those of you on a budget, simply setting up a home lab is really the way to go. You can realistically make do with some used books, and Google for your questions.

That said, what should you buy in terms of hardware and software? I would personally buy at least one Cisco router, two Catalyst switches and four computers. Having all of this will allow you to simulate quite a few learning scenarios for the lowest price possible. Remember, your greatest assets are your curiosity and drive to learn. I sincerely hope you enjoyed this article, and as always welcome your feedback.

Till next time!

Don Parker, GCIA GCIH, specializes in matters of intrusion detection and incident handling. He has also enjoyed a role as guest speaker at various network security conferences, and writing for various online and print media on matters of computer security. You can contact Don Parker at dparker@bridonsecurity.com.

Related:

Copyright © 2006 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon