Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Internet Security | DShield SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Advice for setting up an inexpensive lab
I am looking for ideas for setting up a sort of general purpose InfoSec lab environment. Something where I can:
- download and run malware samples
- install various InfoSec tools that I read about online
- run scenarios involving multiple machines
- etc.

I would like to be able to access the lab remotely through a secure connection like VPN so I can get to my stuff on the go.

I really want this to be reasonably isolated from all of my personal devices and data. So I think hosting from my home is not going to happen.

I have thought about setting up some VMs in a cloud environment, but I know that many providers would not allow me to download malware or hack my own machines. I also don't like the idea of paying by the hour for something during the time when I am not using it.

I have thought about buying my own server equipment but I don't know of a good place that I could host it for cheap that would suit all my needs.

I have thought about getting a nice laptop and running a hypervisor on it. But I don't really know what kind of hardware would give me the most bang for the buck here. Also it would be nice to not have to lug around a heavy laptop when I am traveling.

Anyway looking for some general advice to help get me started. Thanks!

This is a broad topic... As you said, you've multiple choices: run the lab locally or "in the cloud". For the 2nd choice, you can buy/rent a cheap VPS.
As a first step, I'd recommend having a look at the remnux[1] which is a Linux distro dedicate to this task.


ISC Handler

Sign Up for Free or Log In to start participating in the conversation!