What I’m Using In My Homelab
These are the devices and software I’ve acquired, or am using differently as I go down the infosec rabbit hole.
VNOPN Micro Firewall Appliance
A small computer that runs the pfSense firewall. I wouldn’t call the setup easy, exactly, because there are so many choices, but with the help of Cybersecurity for Small Networks and a video by Network Chuck, I got my hardware firewall up and running. Now if I can only figure out how I’d use the wifi radios…
Specs:
Fanless Mini PC
4 Intel 2.5GbE NIC Ports
Intel N3700 Quad Core
8GB DDR3
128GB mSATA SSD
Beelink N100 Intel 12th Alder Lake Mini PC
I use this mini PC to run my Intrusion Detection System (IDS) and Security Information and Event Management system (SIEM). It comes with Windows 11, but I installed Security Onion on it, which is built upon CentOS Linux. I made a recovery USB in case I want to reinstall Windows in the future, but for now, it’s humming along quietly without it.
Specs:
HDMI x2
Dual 2.5Gbps Net-Ports
16GB Single DDR5 RAM
PCIe x1
500GB M.2 2280 SSD
Wi-Fi6
BT5.2
OpenWrt (According to the sales page, but I haven’t seen it. No matter, I don’t need it and if I did, I could install it.)
TP-Link TL-WA3001 AX3000 Wireless Gigabit Access Point
Because my pfSense firewall acts as my DNS router, I don’t need a wireless router. So I saved money and bought a wireless access point instead. This is a straightforward product.
What I’m finding is a lot of devices are now being managed (in the cloud), meaning they open a port on your network to communicate with the device. This is how they can offer a phone app to manage the device. I don’t want that. I want the old school way where you go to an IP address and manage the device through that device’s web interface. That’s what this has.
Flipper Zero, Multi-tool Device for Geeks
A popular tool for hacking inspired by ’90s Tamagotchi handheld games, which says a lot either about the designer, or the audience they’re trying to attract. Either way, it’s an inventive take on a hacking device.
What it’s got:
- Sub-1 GHz transceiver. This is useful for hacking all kinds of wireless devices like car key fobs, garage door openers, security gates, etc., especially those on 433 MHz, the key fob standard in the US.
- 125kHz RFID. Used by older access control cards.
- 13.56 MHz NFC. Used by newer access control cards and things like credit cards that you “tap” rather than swipe or insert.
- Bluetooth. While the Flipper uses Bluetooth to connect to its phone app, I’m sure there are more devilish things to do with it.
- Infrared Transceiver. See what all those TV clickers are doing, record them, and play them back. Plus whatever uses infrared.
- 1-Wire Keys. This is an older technology used in door entry mechanisms and those clunky plastic tags they use in clothing stores to prevent theft. Also known as “DS1990A,” “Touch Memory,” or “Dallas key.”
I also bought the wireless add-on board for wireless network hacking.
GL.iNet GL-AXT1800 (Slate AX) Pocket-Sized Wi-Fi 6 Gigabit Travel Router, Extender/Repeater
I use this little router when traveling. It uses OpenWrt, which means it’s a firewall, VPN, etc. OpenWrt is embedded Linux, so it’s basically a small computer. I use it to securely connect to public networks. Anyone I’m travelling with can log into it and we can all be confident that we’re safe and secure.
Network Chuck created a similar device with a Raspberry Pi using DD-WRT. While I’m all for hacking together devices (hello war driving), this device is actually cheaper with the same functionality and probably comparable performance. You can put an SD card into it so that you can download OpenWrt packages. This means I can download and run things like nmap, or if I wanted to, MariaDB, FreeSWITCH (for telephony, like Asterisk, which also has a package), ifstat, or a ton of other programs.
HP ProLiant DL380p G8 25 Bay Server, 256GB ECC RAM
I wasn’t intending to buy a server; I was intending to use VPSs for homelab type stuff. However, I found this really cheap on eBay. I mean. Really. Cheap.
It didn’t come with any hard drives, which is no surprise as they were probably either reused or destroyed when the box was retired from the data center in which it lived. But it did come with redundant power supplies, two processors, lots of RAM, and a fiber-optic network card. Even though it’s End of Service Life, there’s still support for it and it runs just fine for a cheap server. It’s kind of like an old Toyota Camry: plenty of support and parts to keep it running, even if it’s not the fastest kid on the block.
I installed Proxmox so it’s easy for me to spin up new containers and VMs. I created an “internal” network of vulnerable machines, attacking machines, and monitoring machines to work on my red team and blue team skills. I also use it to try out configs before I put things into production for myself or others.
HP Elitedesk G8 Mini PC
I needed a functional, low-power PC for making things available when I’m on the road. These little PCs are cheap on eBay because they’re now in the recycler’s marketplace. Bumping up the RAM and the SSD drive makes them nice little machines for things like file serving (Nextcloud), self-hosted applications (Odoo), or serving up audio files (Jellyfin).
While it’s true that all those things are probably easier to do in the cloud, I wanted to try the self-hosting option as a learning experience.
Proxmox
Proxmox is a type 1 hypervisor, which means it installs on “bare metal” and runs virtual machines and containers. It’s getting more and more popular, especially with VMware selling their type 1 hypervisor to Broadcom and all the licensing changes that involves.
Qubes OS
I have tried a bunch of different Linux distros and at one time, my hard drive held about eight of them for me to boot into. I’ve narrowed it down to three: Pop!_OS, which I use with a VPN; Kali Linux, because…hacking; and Qubes OS, which has the reputation of being the most secure OS on the planet. It accomplishes this task by what can best be described as extreme containerization. Almost everything runs in its own VM/Container, so if one thing gets compromised, nothing else does. I’m slowly adopting it as I move over from Pop!_OS. It’s not as simple a process as rebooting and going into a new OS, like say, switching between Ubuntu and AV Linux. So I’m going slow and steady as I work it into my day-to-day workflow.