Thinking Out Loud, v1
As this is really the first post for boydsbar.com, I felt that I needed some way of splitting the guides from just talking out loud. So the "Thinking Out Loud" series will be a.. blog really, of what the plan is going to be moving forward as we continue this rebuild. This one in particular will be a show and tell of where I am currently, and why I feel I need to rebuild.
I guess I start with who I am.
Who am I?
I use the name Odin for a lot of things so we will stick with that. I have been doing IT/Cyber security for the last 12 - 15 years and started with engineering on both the IT and security side.
Starting with network and systems engineering then moving to security engineering so when I moved away from it to do DFIR and malware analysis, I missed it. Building a homelab really fills that gap.
What a homelab?
A home lab is a lab in your home. I know, duh, but that's it. Expanding on that is really anything that runs beyond the normal laptop/desktop. Something that is running 24/7 for the purpose of something other than normal everyday activity. In my opinion, if a youtuber has a NAS running in their office then they have a basic homelab. It is something outside the norm of every day users.
Why a homelab?
Home labs let you explore and learn things you might not know. It is how I was introduced into containers and distributed processing. It is also how I learned that I want to learn more about flask web development as I see a lot of projects using that on Github.
My homelab started with a Plex server, which is probably the main way most people will get into this. Then it grew to the arrs stuff and has grown from there to the point now where I am looking for ways to automate expansion and one off solutions (Long term goals).
Where is my homelab now?
This is obviously not a question about where it stands physically, my living room if you are curious, but what is in it. The answer to this question is simply, a lot.
I posted my current version of my homelab on reddit I guess about a year ago at this point (I have been working on a couple industry certificates since then), but I will show and list everything here as well. Click here, for an image of diagram.
|Server Name||Host Type||Memory||HDD||NIC||Extra|
|Asgard||Dell NX3200||96GB||96 TB||2 10G SFP+, 4 1GE||Nvidia P2000|
|Yggdrasil||Dell R620||256GB||6TB||2 10G SFP+, 4 1GE||N/A|
|Hugin||Dell R720||256GB||6TB||2 10G SFP+, 4 1GE||N/A|
|Muinin||Dell R720||256GB||6TB||2 10G SFP+, 4 1GE||N/A|
|Thor's Big Booty||Synology RS3412RPXS||16GB||80TB||1 10G SFP+, 4 1GE||N/A|
|Fat Thor||Synology RS3412RPXS||16GB||92TB||1 10G SFP+, 4 1GE||N/A|
2x Ubiquiti US-8 150w
Thinking out loud
You might be wondering, why in the world do I need to make changes? You have a lot already! The answer is simply, efficiency and standardization.
As you can see, there is a Norse theme running through it, but the theme is sporadic and inconsistent with meaning. I would like to also come up with VM host naming standards to get an idea at a glance, what is important or not. For instance, I was working on building a SIEM for my environment and named them all Hel as I was moving forward in the process, examples: Hel-Splunk, Hel-ELK, Hel-Grey. However, I did not do this in the beginning with other ideas and systems. Some of the servers have the OS in it.
Personally, I think a homelab should work to follow certain standards as well and one of those is a naming standard consistent with industry in an effort to make yourself more marketable and knowledgeable about the industry itself. I currently do DFIR consulting and so I see a lot of good and bad naming standards.
So I am thinking the standard will be something like (Norse God)(Server Abbreviation)(Tool*)(Instance Number). Example: HELYGSPL01 (Hel)(Yggdrasil)(Splunk)(01). That is just what I am thinking. The asterisk for tool means that if the host contains multiple tools then I will need another idea.
The reason I am starting with a naming standard is that also helps with DNS entries. In the future I could go to HELYGSPL01.boydsbar and it would take me to that application or host depending. This also allows me to then shift toward IP addressing that is consistent and separated as needed for vlans.
Before you get concerned that your homelab isn't following a plan, stop. You do not have to do this in the beginning. You might not have the hardware to do vlans or want to insert that complexity, I debate that myself a lot. As long as you are learning and moving forward, you are going the right direction. The exception to that is intentionally ignoring security practices because it is easier (DO NOT PUT YOUR HOME LAB IN YOUR DMZ!).
At the end of these things, I want to put a series of goals that I either need to tackle or want to start on so you can follow along. The idea being that when I do the next Thinking Out Loud these will be done and I show proof. A way of keeping my accountable. So for the next one, these 3 items will be my objective.
[ ] Create Naming Standard
[ ] Create IP Standard
[ ] Start Organizing current containers to singular location
Come to the discord server and ask for help, ask questions, play games. Currently, I am really the only person that is supporting so please be patient with me.