Day: March 10, 2020

Posted in Labs, What I've Used

Build A Lab With Me… (#2)

Posted on by Steph

Dualities

The second type of lab I’m currently working on is a dual-boot machine. Some might not advise to building from this type of lab, but it can allow for having a computer that is on a segregated network for analysis and then having that computer also be set with a deep freeze program that resets the computer after logging off cleaning it or having a windows computer that can run Fireye Flare VM again in a double segregated environment.

The idea for this Lab came from interactions with similar set-ups without the dual-booting in which the lab was set-up for analysis on a segregated network. The dual-booting for me was kind of a bonus, because I had wanted to try doing it for a while and then also because it allows me a computer to run Linux away from my main computer while also running Windows. It gives me access to use tools that might be made for either platform in the same computer giving it a singular purpose.

Currently, this lab is not in it’s completed iteration. I still mainly use the VM lab to work on CTFs or do classwork, but this lab is coming 1.0 before the end of summer. So look forward to 2.a, etc in the near future.

PROS:

  • Keeps Lab separate from main computer
  • Allows for practicing from both a Linux and Windows Environment
  • Deep Freeze Software can be used to reset computer after analysis

CONS:

  • Separating would require another system
  • Not as cost effective as VM
  • Dualbooting improperly can damage computer
  • Analysis can damage computer
  • Improperly segregating network might spread malware
https://www.youtube.com/watch?v=L2RFxeu2Y-0

(There are any number of sites/videos regarding dualbooting. This is just and example)

My Machine Specs:

Lenovo M72z All-In-One
  • Intel 5-3470S
  • 2.90GHz
  • 8GB DDR3
  • 500GB SATA HDD
  • 20″ Screen
  • Windows 10/Kali
  • DVD-ROM
  • Switch (to segregate the network)

Applications List:

I keep a running list of Applications I want to look at/Test
  • Burp Suite
  • FTK
  • PuTTy
  • OpenVAS
  • TOR
  • IDA
  • Deep Freeze Software
  • Brave Browser
  • Firefox
  • OpenStego
  • Netwitness Investigator
  • Flame VM on VirtualBox
  • SIFT VM on VirtualBox