Mentoring is very popular in cyber security, but what is mentoring? What should I expect?…
Running your own home lab is a great way to help yourself stand out from the crowd and also to gain some new skills and insights in to both general IT system administration and Cyber Security. These types of projects help you understand how the different layers of the OSI model work within your network, in addition to helping you get more in to a Cyber Security mindset.
Getting into home labing is both easier and cheaper than ever thanks to the Raspberry Pi. This low-cost computing system has helped bring down the barrier to entry for starting out and creating your very own home lab. In this post we will cover to great ideas to get you started on your journey.
How does this help me get a job?
It will show your employer that you are passionate about learning in your own time and motivated, it can also show that you have the needed technical skills and at a minimum a solid foundation for your potential employer to build from.
If you document the process of building your lab via a blog post or write-up, it can show them in more detail that you fully understand the concepts you have put in to place with your own network. Furthermore, by documenting it this demonstrates non technical skills that can be used to clearly communicate to clients the issues they have and how to fix them in an easy to understand way.
Where to Start
This software is a great way to help take control of your network and understand what places your home devices are calling out to. Its also a great way to cut down on the advertising you are shown which is one of the ways that malware can be distributed and can also block device call backs and usage tracking (looking at you <insert generic smart TV manufacture name>).
It enables you to take control of when, how and to who your device communicates to. It’s easy to use web interface enables you to schedule time for devices but also you are able to add your own blocklists to block certain content on only certain devices if that’s what you want.
It also helps control your own privacy by taking control of what analytics are sent to certain providers such as Google analytics.
It’s extremely light and was made to run on the Raspberry Pi and you can run it on pretty much any flavour of the Linux OS.
Sources: Pi-hole – Network-wide protection
Conduct your own threat hunting and monitor your network in real time to discover potential threats on your network. This free software enables you to feed information from all your servers and computers and other devices at home into a central feed so you can take complete control and have an excellent top down look on your own home/lab network.
Sources: Security Onion Solutions
Using this software, you are able to create your own router and firewall giving you 100% control over your network and what is able to pass through. It provides you with complete flexibility and is excellent not just for home use but also enterprise. Furthermore, it is opensource and comes with excellent community support with many products able to interact with pfsense further enabling you to extend the use and capabilities of your new firewall and router, such as its integration with Snort and the ability to install your own VPN with wireguard.
Sources: Tutorial – How to Install Pfsense Firewall [ Step by Step ] (techexpert.tips)
PfSense or Syslog to Azure sentinel
Now that you are collecting logs about your own network you can go further with alerting, Azure sentinel is an excellent service that you can use to alert yourself to much more serious threats, this however might be overkill. But by at least trying and configuring you have learned some valuable skills and above all you have demonstrated that you are capable and knowledgeable in setting up your own alerts. Depending on what role in Cyber you are going for this maybe desirable to a potential employer.
Add your Home lab and services to a Dashboard