How was my VMware HomeLab?
In a nutshell, my VMware HomeLab has been awesome. The Lab has been in regular use since February, 2022. I have replicated the Lab on additional Intel-based machines and has worked well. Although it can be convenient to learn with boxes hosted on online services such as TryHackMe and HackTheBox, some situations are best suited for a local environment ie. the OWASP Juice Shop, and a multi-machine Active Directory forest.
Did I achieve my objectives?
Absolutely - I achieved 100% of the goals and benefits I spoke about in my introductory post in 2022, which included:
Not only is this the safest way to learn about information security in a home environment, I also learned alot about networking, firewall rule, systems administration etc.
So why fix something if it ain’t broken?
Although a local instance of a HomeLab is indespensible, I quickly realized there were some significant limitations with this kind of infrastructure:
- a local HomeLab is limited to a local instance - sounds obvious, but in practice, this means the Lab is not easily accessible between machines, nor is it easily accessible by multiple users
- VirtualLab or VMware are examples of Type 2 virtualization environments, where a hypervisor is hosted on a computer - and the resources (CPU, RAM etc) are shared by the host OS as well as virtual machines
- a local instance is non-persistent - the sessions are lost if you shutdown VMware - and you have to restart all the VMs (including pfSense) the next time you fire up VMware
- I also had problems with VMs not waking properly after hibernating
- lastly, a local instance has limited functionality too ie. it would be very difficult or impossible to implement a robust enterprise level network intruction detection system (NIDS) or security information and event management (SIEM) platform
My objectives with this project
Given the known limitations with a local HomeLab, my goal was to use 0xBEN’s excellent how-to as a guide to repurpose a spare laptop to:
- replicate my current VMware HomeLab subnet infrastructure in a persistent platform
- learn how to use Proxmox, and
- repurpose a spare laptop
Most importantly - I want to document how I was able to set this up with my own laptop and any potential hiccups along the way. Because I will forget. If I write it down, I will lose it. If I post it, it might be immortalized for future reference.
Full Disclaimer: I followed 0xBEN’s excellent how-to and used it as a guide for my own journey.
This is the network diagram from OxBEN’s write-up.
DEVIATIONS FROM 0xBEN
- My Private IP Address Range: 192.168.1.0/24
My Hardware (aka Old Faithful)
This was my constant companion over the past 4 years and has served me well. Its role has been recently replaced by a smaller laptop. However, it has sufficient horsepower that it would be a waste to just leave it gathering dust in a corner.
- MSI GS65 Stealth 9SD
- Intel(R) Core(TM) i7-9750H
- RAM 32.0 GB
- KBG30ZM512G TOSHIBA
- Samsung SSD 970 EVO Plus 1TB
Fast (mobile) i7, lots of RAM, and two SSDs totally 1.5 TB.
I will follow 0xBEN’s structure, and break up the build process into the following steps:
- Prepare Your Laptop
- Getting to Know Proxmox
- Install and Configure Our pfSense Firewall
- Create a Kali Linux VM
- Adding Vulnhub VMs to the Cyber Range
- Tweak Our Setup: 2nd SSD, Static Routing, Remote Access
- Create an OWASP Juice Shop Container
- Running Windows Guests on Proxmox
- Active Directory Lab: Getting Started
HomeLab Proxmox Section
These posts can all be found in its own section:
Let’s Get Started!
Join me in the next section and prepare our laptop.