CyberWox’s Cyber Sec Homelab on Virtual Box

Table of Contents

Homelabs are fun, challenging, but fun.

Building an entire virtual network of interconnected computers to simulate real-world traffic and situations.

This is my additional guide to Cyberwox’s Building a Cybersecurity Homelab, but, for those using VirtualBox. Here’s a visual guide for the lab:

Disclaimer, this does not contain 100% of the steps of this project.

1. Intro

Ideally, use a dedicated lab computer for this, a spare laptop or an old gaming PC. Spec-wise, 4-8 Core CPU, 16-32Gb RAM, 500Gb+ HDD is recommended.

Let’s get everything you need for the lab. You’ll be downloading an EXE file i.e. an application and some ISO files, these are disc image files. Start by creating an ‘Image’ folder to store everything in.

Download and install VirtualBox (VBox), this is the hypervisor we’ll be using to virtually simulate the network. If this is your first time, follow the User Manual provided. If you’re familiar with virtualisation software, feel free to use VMWare or Hyper-V. Read this if you’re having VBox issues, it’s worth disabling Hyper-V.

I’m assuming this will all be done on a Windows 10 64-bit desktop.

Get a pfSense ISO (AMD-64bit), this is the network segmentation, dynamic host control protocol (DHCP) and firewall. Next, download Security Onion ISO, this is for intrusion detection system (IDS), monitoring, and logging.

Grab an Ubunutu Desktop ISO, an Ubunutu Server ISO and a Kali Linux ISO, these are Linux operating systems. Then get a Windows Server ISO and Windows 10 ISO.

Lastly, get a license for Splunk, sign up and you’ll (most likely) get a free developer license via email within a day or two.

Something I noticed in the original tutorial, NAT adapters get used, I don’t think this is required. You’ll see below all the network adapter configs for each VM.

2. Setup

Open VBox and start creating VMs, use a logical nomenclature, like ‘lab1’ as a suffix e.g. l1-pfs, l1-kali etc. It keeps things organised.

pfSense (l1-pfs)

Use the following settings:

  • Type: BSD, Version: FreeBSD (64-bit)
  • 2Gb RAM, 1 Core CPU, 20Gb HDD
  • Adapters (NICs): Adapter 1: Bridged, Adapter 2: Internal, l1-vlan2, Adapter 3: Internal, l1-vlan3, Adapter 4: Internal, l1-vlan4, Adapter 5: Internal, l1-vlan5, Adapter 6: Internal, l1-vlan6.
  • IP: 192.168.1.1

You’ll need to add extra NICs, you can add up to 4 using the GUI and 8 in total via CLI. Open CMD/PowerShell/Terminal, navigate to where VBox is installed and edit the NICs. Use the commands below to assist:

  • Change directories: cd C:\\Program Files\\Oracle\\VirtualBox
  • Show VM info: .\\VBoxManage showvminfo l1-pfs
  • Set nic5 to internal: .\\VBoxManage modifyvm l1-pfs --nic5 intnet
  • Set nic5 to l1-vlan: .\\VBoxManage modifyvm l1-pfs --intnet5 l1-vlan
  • Set nic6 to internal: .\\VBoxManage modifyvm l1-pfs --nic6 intnet
  • Set nic6 to l1-vlan: .\\VBoxManage modifyvm l1-pfs --intnet6 l1-vlan

Once the NICs are turned on, they can be edited via GUI of the VM.

Once you’re done with that, follow the CyberWox tutorial for all the details.

After setup, It’s worth adding in firewall rules for each NIC as you’ll run into problems later. Firewall > Rules > Add > Any Protocols > Save > Apply.

Thanks to How2Shout and SuperUser.

Kali (l1-kali)

  • Type: Linux, Version: Red Hat (64-bit).
  • Specs: 3Gb RAM, 2 Core CPU, 80Gb HDD.
  • NIC: Adapter 1: Internal, l1-vlan2.
  • IP: 192.168.1.11, gateway: 192.168.1.1

Security Onion (l1-secon)

  • Type: Linux, Version: Red Hat (64-bit).
  • Specs: 12Gb RAM, 4 Core CPU, 350Gb HDD.
  • NICs: Adapter 1: Internal, l1-vlan4, Adapter 2: Internal, l1-vlan5.
  • IP: 192.168.3.10, gateway: 192.168.3.1

Ubuntu (l1-ubd)

  • Type: Linux, Version: Ubuntu (64-bit).
  • Specs: 2Gb RAM, 1 Core CPU, 20Gb HDD.
  • NICs: Adapter 1: Internal, l1-vlan4.
  • IP: 192.168.3.11, gateway: 192.168.3.1

Splunk (l1-sp)

  • Type: Linux, Version: Debian (64-bit).
  • Specs: 4Gb RAM, 2 Core CPU, 100Gb HDD.
  • NIC: Adapter 1: Internal, l1-vlan6.
  • IP: 192.168.4.10, gateway: 192.168.4.1

To manually set static IP for the Splunk machine:

  • Set static IP sudo ifconfig enp0s8 192.168.4.10 netmask 255.255.255.0
  • Set default gateway sudo route add default gw 192.168.4.1 enp0s8

I put the above in a bash script, added a line to execute splunk and then in crontab to automate this every time on startup:

  • Create file nano ip-config
#!bin/bash

sudo ifconfig enp0s8 192.168.4.10 netmask 255.255.255.0
sudo route add default gw 192.168.4.1 enp0s8

./home/splunk-admin/Downloads/splunk/bin/splunk start
  • Make executable chmod +x ip-config
  • Open Crontab crontab -e
  • Add at end @reboot sh /home/splunk-admin/ip-config
  • Reboot sudo reboot

Thanks to ByteFreaks, LinuxHint, Ryan and Baeldung.

Windows Server (l1-wsv)

  • Type: Windows, Version: Windows Server 2019
  • Specs: 3Gb RAM, 2 Core CPU, 50Gb HDD
  • NIC: Adapter 1, Internal, l1-vlan3
  • IP: 192.168.2.10, Gateway: 192.168.2.1

Windows Client 1 and 2 (l1-wc1, l1-wc2)

  • Type: Windows, Version: Windows 10
  • Specs: 2Gb RAM, 2 Core CPU, 25Gb HDD
  • NIC: Adapter 1, Internal, l1-vlan3
  • IP: 192.168.2.11-12, Gateway: 192.168.2.1

3. Reflection (Coming Soon)

I’ll add some more information here soon.


This is Day 18 of #100DaysOfHacking, subscribe to my newsletter to follow the journey!

If you have feedback, send me a message @mrashleyball.

Happy Hacking.

About The Author
Ashley Ball

Ashley Ball

“Learn, create, share, repeat.” • IT teacher, former web designer, learning #cybersec • Road to #100DaysOfHacking
Share This Article
Share on linkedin
LinkedIn
Share on twitter
Twitter
Share on facebook
Facebook
Share on whatsapp
WhatsApp
Share on email
Email

Monthly Newsletter

Learn about design, web tech and cyber security.

Leave A Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More Content

Monthly Newsletter

Learn about design, web tech and cyber security.

This site uses cookies and other tracking technologies to assist with navigation, monitor site usage and web traffic, assist with our promotional and marketing efforts, and customize and improve our services, as set out in our privacy policy