A large part of the reason for this blog is to chronicle progress of my laboratory activities. Another part is to support the grimoire[1] that I’m building which details the lessons learned (how to do a specific task) and the specific configuration details of the laboratory, charity, & home environments. The first step is to define the things I want from the experience, so here goes.
- Set up services on a Raspberry Pi for use as a home / laboratory server
  - DHCP Addressing, with reservations
  - DNS Resolution, with caching and forwarding to OpenDNS
  - Syslog Log Management, with retention & removal of aged logs
- Learn Python, especially for scripting (e.g., a script to remove aged log files)
- Set up time-ranges on a firewall (control outbound traffic in conjunction with DHCP reservations)
- Set up VPN access to the firewall from the Internet (including hairpin provision of HTTP services)
- Learn Security Onion for intrusion detection
  - Workstation
  - Sensors (perhaps deployed on Raspberry Pis)
  - Server (to collect data for future review) – Maybe
- Use Git to manage configuration files, scripts, and documentation, especially formats and reusable items.
- Use FreeRADIUS to manage authentication to network devices. Maybe even wireless authentication someday.
- Set up a blog to share and provide high-level documentation of everything (here we are!) [Blog exists on 2/16/2015, lots of details to fill in]
At this point I have a Cisco ASA 5505 firewall and one Raspberry Pi. As I accomplish the objectives in the list I’ll italicize them and smile at my progress. Once they are complete I’ll build a new list. That probably means I’ll need to set up a location for potential future items; watch for a future post on that topic!
1. See the article Why you need a Grimoire – How to use technical “black magic” in your hacking sessions, by Leviathan, published in 2600 The Hacker Quarterly, Volume 27 Issue 2, Summer 2010. http://advancedphotosolutions.blogspot.com/2010/07/why-you-need-grimoire.html