I am looking for ideas for setting up a sort of general purpose InfoSec lab environment. Something where I can:
- download and run malware samples
- install various InfoSec tools that I read about online
- run scenarios involving multiple machines
I would like to be able to access the lab remotely through a secure connection like VPN so I can get to my stuff on the go.
I really want this to be reasonably isolated from all of my personal devices and data. So I think hosting from my home is not going to happen.
I have thought about setting up some VMs in a cloud environment, but I know that many providers would not allow me to download malware or hack my own machines. I also don't like the idea of paying by the hour for something during the time when I am not using it.
I have thought about buying my own server equipment but I don't know of a good place that I could host it for cheap that would suit all my needs.
I have thought about getting a nice laptop and running a hypervisor on it. But I don't really know what kind of hardware would give me the most bang for the buck here. Also it would be nice to not have to lug around a heavy laptop when I am traveling.
Anyway looking for some general advice to help get me started. Thanks!
Nov 10th 2017
8 months ago
This is a broad topic... As you said, you've multiple choices: run the lab locally or "in the cloud". For the 2nd choice, you can buy/rent a cheap VPS.|
As a first step, I'd recommend having a look at the remnux which is a Linux distro dedicate to this task.
Nov 11th 2017
8 months ago