home security lab

Status: In Progress | Tools: VirtualBox, Kali Linux, Security Onion, Nmap, OpenVAS, Metasploit

project goal

Setup a home security lab using virtual machines to simulate a real-world network, and then conduct 4 tests inside this lab environment.

hardware requirements

• PC with 32GB RAM and Intel i7 processor
• Linksys MX4300 router for network segmentation
• VirtualBox for virtualization

software stack

• Virtualization: VirtualBox (open-source preference)
• Operating Systems: Kali Linux, Security Onion, Windows 10/11, Ubuntu
• Security Tools: SIEM (Splunk/OSSIM), EDR (Wazuh/OSSEC), Vulnerability Scanner (Nessus/OpenVAS/Nmap)
• Analysis Tools: Wireshark, TCPdump, Remnux/Flare VM

lab architecture

[Windows 10 Host Machine]
|
| - VM 1: Kali Linux (Attack Platform)
|
| - VM 2: Windows 10 Client (Target)
|
| - VM 3: Security Onion (Monitoring/SIEM)

Platform Choice: Kali Linux selected for familiarity and comprehensive built-in toolset. Security Onion chosen as free, open-source, industry-standard SIEM solution.

security tests conducted

test #1: port scanning with nmap

Comprehensive port discovery and service enumeration against the Windows 10 target VM.

Command executed:

nmap -sV -p- <IP_of_Windows_10_VM>

Analysis: Nmap scans all 65,535 ports to identify open services, like checking for unlocked doors on a building. The -sV flag provides service version detection for vulnerability assessment.

Key Findings: Multiple unnecessary ports discovered open, indicating misconfigurations in the target system setup.

Critical open ports identified:

• Port 3389 (RDP): Vulnerable to brute-force attacks and RDP exploits
• Port 445 (SMB): Susceptible to EternalBlue exploitation
• Ports 21 (FTP) and 23 (Telnet): May leak system information and version details

test #2: vulnerability scanning

Comprehensive vulnerability assessment using OpenVAS for deeper security analysis.

OpenVAS installation and setup:

sudo apt update
sudo apt install openvas
sudo gvm-setup
sudo gvm-feed-update

Scan configuration:

• Target: Windows 10 VM IP address
• Scan Type: Full and Fast (authenticated scan)
• Access Method: Web interface at https://localhost:9392

Scan Types:

• Non-authenticated scans: Limited visibility, external perspective
• Authenticated scans: Deeper insights using credentials (selected for lab environment)

Results: Multiple high-severity vulnerabilities discovered requiring immediate attention and patching.

vulnerability remediation

Verification: Post-remediation scan confirmed successful mitigation of all identified vulnerabilities.

test #3: metasploit exploitation

Exploitation testing against known vulnerabilities using the Metasploit framework.

Status: Documentation in progress

bonus test: logging simulation

Implementation of comprehensive logging and detection capabilities using Wazuh and Sysmon.

Status: Planning phase

learning outcomes

• Hands-on experience with enterprise vulnerability assessment tools
• Understanding of authenticated vs non-authenticated security scanning
• Practical application of vulnerability remediation processes
• Network reconnaissance and service enumeration techniques
• Virtual machine lab environment construction and management
• Open-source security tool deployment and configuration

next steps

• Complete Metasploit exploitation testing documentation
• Implement comprehensive logging and SIEM integration
• Add network traffic analysis and forensics capabilities
• Document incident response procedures and playbooks
• Expand lab with additional vulnerable systems and scenarios

← back to projects