Hack Lab Intro: How to Set up a Home Hacking and Security Testing Lab

Introduction

This series of articles comprises an introductory tutorial on how to set up a home lab to experiment with common hacking and information security testing tools. Our setup will  allow us to explore the sorts of computer and network vulnerabilities that can be encountered on the internet, and to test the security of our own home computer network and networked devices, all from within an isolated and secure working environment. The series is geared toward individuals who have little or no prior experience with virtualization software or common hacking and security testing tools, but are interested in exploring network and computer security.

Over the course of the tutorial series, we will create two separate network configurations. The first will be a completely virtual environment populated by two virtual guest systems running inside a single host computer. This requires nothing more than an internet connection for the necessary downloads, and a computer with relatively modest RAM and disk resources.

The second configuration will be an everyday local area network of the sort that can be found in many homes, but which is isolated from the internet and where we can strictly control and monitor all network traffic. This setup is slightly more involved in terms of hardware than the first, requiring also a spare router.

Our monitoring and attack system in both configurations will be an instance of a Kali Linux virtual machine running inside an installation of the VirtualBox software package on our primary computer. Kali is a Linux operating system distribution intended for security testing and digital forensics.

In the first completely virtual network environment, our victim will be an instance of  Metasploitable2, a virtual machine that exhibits vulnerabilities that can be found on  everyday computer systems and software configurations. As noted at Offensive Security, "Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques."

In the second network configuration, we will use the Kali Linux virtual machine to compromise an everyday local area network router of the sort that can be found on many home networks, in order to demonstrate just how easy it can be to steal login credentials  passed from another computer on the network.

The tutorial is broken down into four parts:
  • Part 1 covers the installation of VirtualBox and provides a walk through of a full installation of a Kali virtual machine on your primary lab computer. Along the way, we'll take a short detour on how to quickly run live Kali sessions without a full installation of the machine.
  • Part 4 provides details on setting up our second network configuration, which models an everyday home local area network. With the attack machine, we'll conduct a simple man-in-the-middle attack against the network's router, and demonstrate a serious security vulnerability by stealing login credentials sent to it from the victim machine, in this case, the host computer. 

19 comments:

  1. Thanks for your informative article on UFT automation testing tool. Your post helped me to understand the features and functionality of QTP automation testing tool. QTP Training in Chennai | QTP training Chennai

    ReplyDelete
  2. Good post. I learned new informations. Thanks !

    PPC training in chennai

    ReplyDelete
  3. Great post....Thank you for posting the great content……I found it quiet interesting, hopefully you will keep posting such blogs…
    If you Want more seo course chennai

    ReplyDelete
  4. Nice post. Happy to visit your blog. Thanks for sharing such a useful post.

    php training in kodambakkam

    ReplyDelete
  5. Thanks for Sharing the valuable information and thanks for sharing the wonderful article..We are glad to see such a wonderful article..
    QTP Training in Chennai | QTP Training Institute in Chennai | QTP Training

    ReplyDelete
  6. Updating with the latest technology and implementing it is the only way to survive in our niche. Thanks for making me this article. You have done a great job by sharing this content in here. Keep writing article like this.
    Angularjs training in chennai | Angularjs course in Chennai

    ReplyDelete
  7. Thanks for posting this useful content, Good to know about new things here, Let me share this,
    AngularJS Training in Chennai | AngularJS Training | Best AngularJS Training Institute in Chennai

    ReplyDelete
  8. Very Nice Blog I like the way you explained these things. I’ve been looking for ways to improve my website and overall rankings.I hope your future article will help me further.Take Digital Marketing Training to mould yourself.

    ReplyDelete
  9. This is really very nice post you shared, i like the post, thanks for sharing..
    James

    ReplyDelete
  10. I just couldn't leave your site before letting you know that I genuinely delighted in the top quality data you present to your guests? Will be back again often to determine the status of new posts. HOA Management Services

    ReplyDelete
  11. This is excellent information. It is amazing and wonderful to visit your site.Thanks for sharing this information,this is useful to me...
    Ios training in chennai

    ReplyDelete
  12. I strongly recommend you to read this article about the truth spy tracking application.

    ReplyDelete
  13. On the off chance that you have been wrongly blamed for hacking it's vital that you get some legitimate exhortation and get your legal advisor to locate a specialist witness with the fundamental aptitudes to help your case.how to hack a phone to read texts

    ReplyDelete
  14. Testing makes your customer to get full satisfaction on your service since it found out all the bugs and errors and rectify it. Selenium is the best tool ever to test web based applications. Thank you for your information.

    Regards:

    Selenium Training in chennai |
    Selenium Training

    ReplyDelete
  15. Your details are very informative. I am interested to learn AngularJS Training in Chennai or AngularJS course in Chennai Do you have this kind of post means kindly share with me.

    ReplyDelete