How to Build a Home Lab for Infosec with Ralph May | 1 Hour

THANK YOU RECORDING AND UPLOADING THIS! Got stuck in a work meeting :(

Some options I use/have used in the past that I wanted to add:

Firewall: installed on bare metal or VMs there is also Sophos XG Home that is also free, it's less lightweight than something like pfsense/opnsense so you WILL lose performance if you don't throw fast single core CPUs (not an issue if you have <=1Gb internet), but it's more similar in functionality to an enterprise firewall. Main bonus for a learning environment in my opinion is being able to set user-based rules using Active Directory users and being able to check who is logged on domain joined computers in the network automatically (using Sophos STAS).

Virtualization: two things here. First of all a really good and free type 1 hypervisor is Xen, it often gets overlooked but while it might be not as popular as it once was it's still an enterprise hypervisor that is being offered basically full featured as open source. It needs to be compiled to have the full features, but there are people doing it and sharing the compiled version.
Second, it's more if you want to learn sysadmin skills than security skills, but VMWare offers for about 180€ bucks/year a VMUG Advandage package that has the highest existing level of license for ALL vmware products for homelab use. (not just the hypervisor esxi, but also vcenter, horizon, tianzu, vsan and much much more). For people with a homelab wanting to learn sysadmin skills that are really useful.

Backups: no matter what you're doing backups are really essentials always, if you're trying to learn stuff you don't know you have a high chance of messing it up, so it's even more important. No matter what you plan to use, take them. Veeam has a free version for up to 10 VMs if you use virtualization on esxi/hyper-v, if you work in IT and contact them you can ask for a NFR license for one year for free to double that up to 20 VMs. It's not a guarantee but they almost always give them out. There is Proxmox Backup Server for proxmox and Xen should be able to do it by itself. If you use VMWare Workstation or Virtualbox it's not ideal but you can just backup the whole drive with some desktop solution. Not sure what to go for there, so I'm sure there's better solutions, but Veeam Agent is free and can be used standalone.

I noticed the firewall chart didn't include firewalla

what’s the best way to get official windows licenses for testing (i.e. AD Lab) these days? msdn use to do subscriptions way back in the day…

gr8 video was on the live stream but had to leave so finishing up. Been working on my homelab which seems like forever

I'm IT and looking to get into CyberSecurity. A question that was asked on a Job Interview was, "Tell Me about Your Home Network". From that question I realized that I needed to invest in HomeLab and hadn't put in time and money into developing my Home Network and segmenting my network more. Thanks for the Video.

I don't think this should be called a "how to setup", it's more or less just an introduction/presentation.

Man this is great information my home lab has a mix of things from different companies, i have a ubiquity router, netgear switch, motorola modem lol.

the "best way" is the way that does what you need, you can use, and WILL use. The reset is opinion.

I'm here to prove the minefield point and ask why you didn't mention the glorious kvm virtualization method? /s

How to build a full-sized spider web

Im only 5 seconds into your video and I already subscribed to your channel. You can tell when a person knows his stuff. Im always open to learn new stuff from others. I had been doing bug bounty for a decent time and now for job requiring doing the oscp, hope to learn new stuff from you

I looks to me like you can heat your house with that equipment. jk I have access to all the enterprise equipment I could ever use. But my philosophy is I don't want to use that much electricity. For me I use a Lenovo mini with a large SSD drive that I run ESXi on. That really does most all I need for a home lab. Rarely do I need more than two or three vms at a time for testing.

Not sure why I was shared this in recommendations but interesting. The best I can tell, a home lab is a hardware sandbox for hardware testing at an infrastructure/network level and the software that accompanies or aligns with it. The ability to throw various relevant things at it in regards to what could be considered attacks or vulnerabilities security wise to discover weaknesses. Network testing. Would be curious for feedback on this extremely limited understanding.

Bro love the video. Appreciate your time and excellent concept. Just subbed

Great video, thanks!

What a gem of a video, I was fortunate enough to build my home label with some older stuff, I just wanted to learn the basics. I one tip I tell folks is you dont have to break the bank.

My lab consists of 5 machines, two of which are mac and the rest a combo of windows, windows server and Linux. An assort of switches, and a few watch dog firewalls. Most of my money went into software like burpsuite and virtual machine licenses.

Just a typo i guess, but its OPNsense, without the E in open as shown in the video in the firewall part.

Where is the link to the Tiny Lab you mentioned?

Once you start hearing the um's, it's hard to hear anything else

Not trying to be nasty. I really liked the video. But you got carried away with "um". You have a great cadence, clear voice and the content in general was informative. Just try to work on that 1 thing

Watching this in Jan '23. Great video! Thanks for recording and uploading. You've given a lot of content to think about as I go down the home lab path!

Great work! Veteran to veteran, hey no disrespect but I'm having a hard time getting past your ascending inflection at the end of most sentences which seems to be mainstream these days 😖. But I'm sub'n anyway, thanks.

Network topology diagrams?

Can i follow this tutorial using an linux / window instance on aws ?

Just wanted to mention that Mikrotik (not Microtik) routeros is open-source, not closed source.

Even though there is a huge range of products, it would be nice to have a low-end list of items and estimated pricing... What I've seen looks like > $5,000 for all "recommended" parts... so I either missed something, or I'm not the intended audience...

Nice Lab...

Let me get my pen and paper...

Class is in session...

thanks...

Very good video. Lots of info in an hour. Great presentation. Thank you!

Umm, ugh, umm, uhh, umm, ugh, umm, uhh, umm 😳 got half way, cant listen to you saying umm anymore

Are you motherred from hf?

loved the video but the uhms and uhs were unbearable at some points lol

This is super cool, thanks so much for sharing. I'm trying to break into the field and this will help me cobble all my project ideas together!

Addiction... Right on the money... I read an article - homelab for $0 on old laptop - and that is what/how I started but things can go quickly out of hands... Even with small things like HDDs, or switches or Raspberry Pi-szszsss... It's hundred here, hundred there, 20 becomes change, then 50 bucks is sooo cheap - at the end... nothing is cheap if you don't need or use it.

I just got my sec+ exam passed...now I want to stack some labs experiences...and this video was perfect... impeccable content
Keep on good work brother..
Allahuma baarik

Thanks for the overview!

please more video of this like Sir.
I love it, Thank you!

Help us share the knowledge with the infosec community! Give us your Likes to help others find our videos. Share this video with your friends. We want to grow big for 2023, so tell us in the comments which topics you want to see from BHIS this coming year! Thank you, we appreciate you all!