Laboratory Goals & Objectives

A large part of the reason for this blog is to chronicle progress of my laboratory activities. Another part is to support the grimoire[1] that I’m building which details the lessons learned (how to do a specific task) and the specific configuration details of the laboratory, charity, & home environments. The first step is to define the things I want from the experience, so here goes.

  1. Set up services on a Raspberry Pi for use as a home / laboratory server
    • DHCP Addressing, with reservations
    • DNS Resolution, with caching and forwarding to OpenDNS
    • Syslog Log Management, with retention & removal of aged logs
  2. Learn Python, especially for scripting (i.e., a script to remove aged log files)
  3. Set up time-ranges on a firewall (control outbound traffic in conjunction with DHCP reservations)
  4. Set up VPN access to the firewall from the Internet (including hairpin provision of HTTP services)
  5. Learn Security Onion for intrusion detection
    • Workstation
    • Sensors (perhaps deployed on Raspberry Pis)
    • Server (to collect data for future review) – Maybe
  6. Use Git to manage configuration files, scripts, and documentation. Especially formats and reusable items.
  7. Use FreeRADIUS to manage authentication to network devices. Maybe even wireless authentication someday.
  8. Set up a blog to share and provide high-level documentation of everything (here we are!) [Blog exists on 2/16/2015, lots of details to fill in]

At this point I have a Cisco ASA 5505 firewall and one Raspberry Pi. As I accomplish the objectives in the list I’ll italicize them and smile at my progress. Once they are complete I’ll build a new list. Which probably means I’ll need to set up a location for potential future items; watch for a future post on that topic!

 

1. See the article “Why you need a Grimoire – How to use technical ‘black magic’ in your hacking sessions” by Leviathan, published in 2600 The Hacker Quarterly, Volume 27 Issue 2, Summer 2010. http://advancedphotosolutions.blogspot.com/2010/07/why-you-need-grimoire.html

5 Comments

  1. I like the idea of a VPN to my firewall to access the internet from outside while on a client location (hairpinning??). This also serves to show I can log in and make comments on stuff.

    • Hairpinning describes the idea of a connection coming in on one interface on a firewall and being routed back out the same interface. On a Cisco ASA this is not default behavior – the traffic would normally be dropped.

      What I used to do (and will again) is connect to my firewall using a VPN and then access the internet using the VPN interface as the default route of my computer. The traffic would go through the encrypted tunnel to the firewall and out to the internet from it. Return traffic goes to the firewall and back to the computer through the same encrypted tunnel. This protects my traffic from whoever is providing the remote internet connection.

      It is even better when the initial VPN connection authenticates the firewall using a certificate.

      I hope that this helps to clarify my plan. TTFN!

  2. Continuing on this train of thought, I need to identify some Python resources and then decide upon one or two to learn from. The first candidate is “Introducing Python: Modern Computing in Simple Packages” by Bill Lubanovic, December 4, 2014 (ISBN-13: 978-1449359362).

    Another candidate might be “Learning Python, 5th Edition” by Mark Lutz, July 6, 2013 (ISBN-13: 978-1449355739).
