Sanity check: Setting up a Cyber Security Home Lab using my Unraid Box

[Megahurtz400]

Afternoon all!

I'm looking to change careers into the Cyber Security space later this year, and with no actual industry experience i'm trying to get hands on with as many tools and technologies as possible to prove that I have some idea of what i'm doing

It's come to the point where I need to get a proper homelab set up to start emulating attacking/defending, but feeling a bit lost as to where to start so wondering if someone can eye over my plan below to see if it would work or i'm barking up the wrong tree.

- Using my Unraid box (2700x/64GB DDR4/3070/1TS SSD/28TB pool) as the Host
- OPNsense in a docker container/vm to act as the firewall/router of the Virtual private network
- Windows Server/Linux Server/Windows Hosts/Kali Linux VM/Security Onion VM etc. etc. all connected through the OPNsense VM

I have OPNsense set up on a Dell optiplex for my actual firewall/router, but wanting to emulate an entire physical network homelab all within my Unraid box.

Would that be possible? And would it make sense or is there a better way to do it?

As you may be able to tell, i'm relatively new to this level of stuff so any help would be greatly appreciated

 

[LostCorpse]

there seems enough grunt there to do it. and unraid supports VMs https://docs.unraid.net/unraid-os/manual/vm-support/
Unraid wouldnt be my first choise but thats more becuase im not overly familiar with it. id prob suggest proxmox or xcp-ng myself.
based on the documentation VM support isnt as great as i would like. this is more around windows server though.
it doesnt state linux but its a given it works with the comon distros.

see if your able to look into ms sentinel as well

What is Microsoft Sentinel?

Learn about Microsoft Sentinel, a scalable, cloud-native security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solution.

learn.microsoft.com

depends on your expirence, there is a whole range to expore in cyber security, so depends what area you want to expore really. what do you think it is?

id also may be suggest something like hackthebox to get some basics.

https://blogs.vmware.com/workstation/2024/05/vmware-workstation-pro-now-available-free-for-personal-use.html

is also worth a look into.

 

[Megahurtz400]

Thanks for the reply @LostCorpse !

I'm aiming to get into a SOC analyst role early next year, the red team/pentesting side is probably what has piqued my interest in the industry, but I realise those sorts of roles aren't for newbies, and are few and far between, so SOC analyst seems to be a good way to get into the industry. Have to learn how to protect something to attack it best after all!

Already working my way through TryHackMe which is a great help for getting used to tools and getting the basics down!

Now to try and put everything together, wish me luck

 

[Ev0]

When I had my little lab environment setup I used VMWare Workstation, had OPNSense setup and then had my hosts in various virtual networks within.

Did the job of having things like my virtual IPS appliances running between networks, SIEM running collecting logs/monitoring network traffic etc.