IT Lab - A Necessity!

Tuesday, July 21, 2009

If you are on in the IT field in any way, shape, or form you most likely have or NEED to have a lab. A lab is where you can play with applications, configurations, tools, operating systems, etc without having to worry if any of it breaks. The best analogy I have heard is that a lab is like a sandbox (yes the sandbox you used to play in when you were a little kid): in a sandbox you can play and learn where the sand goes and does not go, what tools play nice with the sand, what happens when other elements get added to the sand (like water), etc, so you get the point. Well since we are a little old for sandboxes we have labs. I have always been a fan of home labs and the recent discussion on Pauldotcom mailing list has inspired me to write this especially since it was brought to light that not that many people have them. This lead me to think how many people in IT and Security work on live environments instead of labs for testing? I used to work in an IT department that tested new products and services on live systems. This is not a best practice! A lab at work is a necessity but a lab at home is even better for testing everything YOU want.

So I want my own lab where do you start?
When you think of a lab naturally you think of an area with many computers all over the place and what not. However due to the advancements in virtualization you can run an entire lab from a single powerful computer. You no longer need a bunch of old computers networked together, instead you can just use virtual machines and turn them on when you need them. My first step in building my current lab was to obtain a rather powerful computer (not a laptop) to have as my dedicated server for all my virtual machines. The workstation I currently use is a dual core 3.2Ghz with 4GB of RAM and 250GB hard drive. Depending on your budget for such a project this might be more or less than what you want. The concept is to install a virtualization hypervisor like Citrix XenServer, VMWare ESXi server, or even Microsoft Hyper-V and use as your dedicated lab server. I recommend a ESXi and Citrix as they are free and have lots of documentation. If you only have 1 powerful machine that you use for day to day however, you can download VirtualBox or VMWare Server and run the virtual machines on top of your current OS. The same concept remains of running virtual machines for your lab setup.

Powerful machine and a hypervisor - check, now what?
Now would be a good time to decide what you want your first lab project to be. Depending on this answer you are going to start creating virtual machines on your dedicated server. For instance if you are an IT Administrator and want to check out the latest Microsoft is offering you would build a Windows 2008 R2 RC server and run AD, DNS, DHCP, etc on your virtual environment. Then you can build another one like it with Exchange 2010. Perhaps some Windows 7 workstations? The great thing about this setup is that you can take snapshots before testing anything new and if you mess up you can revert back. You can also clone machines so as soon as your Windows 2008 R2 RC setup is done you can clone it and have an Exchange server running in no time.

For those in IT Security the options are endless. You can install Windows XP unpatched, Windows XP SP1, Windows XP SP2, Windows XP SP3, DVL (damn vulnerable linux), and others to get started and begin testing exploits against them. Jason Haddix wrote a great blog post on building a a network pentest lab. He goes in more detail than this introductory post to setting up and IT Lab.

I hope you now have a basic idea of how an IT lab works and the drive to get started building your own and playing in your grown up sandbox. Do you currently have an IT lab at home or at work? What do you have running on it and what do you use it for? Feel free to provide feedback in the comments.

Till next time,
Jorge Orchilles


2 Responses to “IT Lab - A Necessity!”
Post a Comment | Post Comments (Atom)

jcran said...

agreed! if you're looking to simulate networks and protocols, you may want to take a look at GNS3 or similar projects!

July 23, 2009 at 4:11 AM
Marod said...

Excellent idea Jorge, it does help me to grown and learn much more by trying these things out, keep posting...

July 23, 2009 at 9:19 AM