The importance of having the best tools
In this post, I will discuss how to setup your own cybersecurity lab with the equipment setup that I have based on a system that has worked for me all these years. You can find all of my recommended tools in my “Recommended Tools” page.
This basic setup applies to those looking to grow in any specialization within the cybersecurity field. The amount of equipment will vary depending on the specialization, but it should be good to begin your cyberpath.
Having the best tools is very important as it will allow you to do your job right from the very first time. In order to learn the tools of the trade, it is very important to understand the basics of what makes a system, what can break this system and how this system works!
The tools required to learn and practice for cybersecurity could vary according to the field of specialization. The setup I’m presenting here is a basic setup that will apply to anyone no matter which area you’re looking to work on.
Knowing the basics will provide you the foundation to not only understand any particular subject you are interested in pursuing, but also the knowledge to tackle any basic issue that disguises itself as a complex problem.
There are many cases where an issue presents itself disguised as a complex problem when in fact a simple resolution can be applied. The simple resolution that can save your day tends to be a series of concatenated basic knowledge that if you already knew about them, then you will be ok.
When people are looking where to begin a career in cybersecurity, they tend to focus on certifications and degrees, but forget the most important precept for any cyber noobie and that is to have your own laboratory environment. Your laboratory is the place where you will practice your technical knowledge, no matter your specialty.
Even lawyers with a degree in cybersecurity or people with a degree in Information Assurance have to understand how a system works in order to know how to make it or break it and the best way to do this is by having your own laboratory.
No matter the number of certifications or degrees you might have, if you don’t know how to tackle the very basics of a system, then you will be surpassed by that person who knows how the system really works.
Before you start thinking about any degree or certification, let’s start with setting up your own lab.
First, you need:
A Laptop or Desktop running Windows or a MacBook Pro or iMac station.
My team and I have a mix of hardware depending on our preferences. I prefer to use a MacBook Pro, while others prefer to use a Laptop running on Windows or Linux. I have both of them with a virtual environment, which we will discuss later on.
If you can’t get your hands on at least one desktop and one laptop, then one of them should suffice to begin with. I recommend a minimum of 8 GB of memory for any equipment you choose, as you will be building a virtual environment in it, which will require the resources to perform as best as possible.
The scope for setting up a virtual environment system can be anything you can think of, such as:
- To recreate a system that the company you work for has so that you want to tweak some settings and see how the system behaves
- To contain malware, ransomware, virus, etc. in a virtual environment and reverse engineer them to learn about them
- Test the vulnerabilities of an operating system and see how to gain administrative access to a computer
- Test the vulnerabilities of a router or a firewall within your virtual network and see if you can gain access to it via hacking, cracking, cloning network, etc…
- Test the vulnerabilities of a website running in your local environment to practice your skills in bug bounty
- To practice a programming language, such as Python, with different modules version without any version conflict
- To keep your InfoSec knowledge up to date
- Many more…
My current mobile setup is as follows: MacBook Pro with VMware Fusion. You can use any Laptop running Windows or Linux. The point is to allow you to install any Operating System in a virtual environment.
Getting The Hardware
I personally use a MacBook Pro while some of my colleagues prefer to use any Windows or Linux Laptop. The important thing here is to get one that works for you! Getting a MacBook Pro or an iMac station shouldn’t be a problem. The MacBook Pro is my daily driver and I always get them either new, refurbished or certified with a warranty. They work the same as if you purchased it brand new from an Apple store or any other big brand store and you get to save some cash.
I tend to be biased towards Dell because my colleagues use them to run Linux, but you can get an HP or a Lenovo as these three are what is known to be Canonical Certified. This means that they can natively run Linux Ubuntu or any Ubuntu derivative.
Getting The Software
VMware is the preferred brand for many companies to virtualize their servers for optimized management and application deployment. Getting familiar with it is a good idea if you want to pursue a career that would require using it later on! VMware supports more than 100 guest operating systems, including most versions of Windows, Linux, and Mac OS X.
For those of you looking to run Windows apps on your Mac, you can do this by using what is known as “Unity View” in VMware. You can run Windows as a Virtual Machine in your Mac and place Windows apps shortcuts directly in your Mac dock. It runs seamlessly as if it was installed directly on your Mac.
You never know where life will take you when it comes to the opportunities that will present themselves to lure you into a specialty in cybersecurity so it will be a good idea to cover all the basics.
Installing VMware for Mac in three easy steps
First, you’ll have to download VMware Fusion for Mac.
1 – Double-click the Fusion .dmg file to open it. The contents of the disk image appear in the Fusion Finder window.
2 – In the Finder window, drag the VMware Fusion icon to the Applications folder icon.
3 – When prompted, type your administrator username and password. Fusion is installed in the Applications folder on your Mac.
Installing VMware for Windows in three easy steps
First, you’ll have to download VMware Workstation Pro for Windows.
1- Log in to the Windows host system as the Administrator user or as a user who is a member of the local Administrators group. If you log in to a domain, the domain account must also be a local administrator.
2 – Double-click the “VMware-workstation-xxxx-xxxxxxx.exe” file, where “xxxx-xxxxxxx“ is the version and build numbers.
3 – Follow the prompts to finish the installation.
After Workstation Pro is installed, the VMware Workstation Server service starts on the host system. The VMware Workstation Server service starts whenever you restart the host system.
You can download the VMware version depending on the Operating System you choose to have as your daily driver and then install all other Operating Systems using VMware on your main laptop or desktop. This should be enough to start testing the waters.
Getting a VPN Service
VPN stands for Virtual Private Network. Don’t let this term confuse you as this concept is pretty straightforward. Having a VPN service offers several advantages for the cybersecurity professional such as IP cloaking. This means that you are hiding your real IP Address from the destination you are connecting to. For example, the specialty that uses this service the most is Information Security (InfoSec) when performing Penetration Testings for the Detection of Vulnerabilities.
Another reason you might want to use a VPN is when you need to access a specific website or service which restricts its access by geolocation. For example, there are countries that prohibit access to certain websites based on geolocation. If you happen to be in one of these countries and need to access a website which happens to be blocked, then you can bypass this restriction by logging into your VPN account, connect your laptop into another country which allows the access to the website you’re looking for, for example, The United States and voila! your laptop says that it is in The United States, even though it physically isn’t and you can access the website you want.
I use Private Internet Access or PIA as my preferred company for VPN access. This is the preferred company for many cybersecurity professionals as well. They are reliable and fast and their customer service is the best. They offer their services starting at a very low monthly fee. Also, they offer a wide variety of IP ranges per region. These means that you won’t have to worry about speed on the VPN server you are connecting to and you will always have an IP address available when you need it the most, which is critical when doing our job.
Hosting Your Own Virtual Private Server (VPS)
For those looking to perform vulnerability tests, it is important to have a hosted Virtual Private Server and for this, I use a2hosting. For a low monthly fee, the advantages are enormous!
Having our own hosted server is essential when we need a server on-demand to do things like:
- Logging results from a script you need to run and you can leave running on the server. Compare this to running a script form your laptop and suddenly you need to close it and leave to do other stuff, or there was a downtime on your network. Leveraging from a hosting site is important as they provide redundancy for your system and a2hosting provide 99.9% uptime. This is what I do.
- Also, when a corporate client hires me to perform phishing tests on their employees as part of their routine Cybersecurity Risk Assessment, I use the hosted server to quickly create a cloned website from the client (with their permission and written consent) and create an extended version of a “new” Intranet Portal and try to capture as much information as I can to gain access to their systems by mixing it up with some social engineering… and trust me when I say that it works!
- I also use it to run some tests using scripts to see new ways to gain Administrative access to a system or to test a new vulnerability I recently read about.
As you can see, the advantages are only limited to what you can think of !
If you need more recommendations, feel free to visit my “Recommended Tools” page with the list of all tools I personally use.
by Edgar Vera, MS Cybersecurity