Abstract
As a tester, it is critical to understand the impact of your actions. One way to accomplish this is to instrument a lab so you can analyze your attacks and tactics as you develop them.
In today's article we will go over the hardware selected for my port-a-lab, the design considerations, and the high-level design. I will also call out some things I would have done differently if I were doing it again.
High level objectives:
- Design considerations
- Hardware chosen
- High level design
- Lessons learned
- What's next?
Design considerations
For my lab I wanted the ability to plug one Cat 5 cable and one power cable into the wall and have my whole environment come online. I wanted it to be highly portable, highly extensible, scalable, and instrumentable. As long as I can feed it a network that has DHCP, it should headlessly bring up the basic infrastructure and expose itself to the internet. Ideally, one person should be able to pick it up and move it with ease. It should also be unobtrusive to the environment, so fanless or low noise.
Hardware chosen
For compute nodes I chose the Intel NUC. They are small, quiet, reasonably powerful, and can pack a punch. These nodes were purchased a few years ago, so I will include the specs for both what I used and what I would use if I were building this again today. As mentioned in the design considerations, I can add nodes to this, and likely will, with the updated specs. I am currently running two compute nodes, but this can scale to eight without needing to update the networking equipment.
NUC: NUC7i5BNH (This was the hottest i5 NUC on the market at the time.)
Host SSD: MZ-V6E250BW (I would go with 1 TB next time.)
RAM: PC4-19200 (At the time there were no 64 GB SO-DIMMs, so these are 32 GB.)
HDD: WD10SPZX (1 TB is laughably small. This will be upgraded to 5 TB in the near term.)
For switching I used Netgear. For reasons that currently escape me, I got one smart and one dumb switch. If I were doing this again, they would both be smart switches. Specifically, I got the GS108Tv2 for the smart switch.
For the firewall I made one of the more controversial decisions. I bought a Protectli four-port firewall. Word on the street is this firewall is bugged by the Chinese. Perhaps...
High level design
Lessons learned
I should have taken mass storage more seriously when I was buying parts. My advice would be to imagine an absurd amount, then quadruple it. Buy as much of the fastest storage as you can afford. A future enhancement to this would be adding a solid-state NAS.
I always wanted to have 64 GB of RAM per node. At the time, modules that size simply did not exist. Now they are readily available, and the RAM will likely be upgraded very soon.
Dumb switches have become a limitation.
What's next?
Next we will dive into the software components of the basic lab infrastructure.