The use and creation of a hacking lab

Every hacker must have a place to practice and explore. Most newcomers are confused about how they can learn to use hacking tools without breaking the law or attacking unauthorized targets. This is most often accomplished through the creation of a personal “hacking lab”. A hacking lab is a sandboxed environment where your traffic and attacks have no chance of escaping or reaching unauthorized and unintended targets. In this environment, you are free to explore all the various tools and techniques without fear that some traffic or attack will escape your network. At a minimum, the lab is set up to contain at least two machines: one attacker, and one victim. In other configurations, several victim machines can be deployed simultaneously to simulate a more realistic network.

The proper use and setup of a hacking lab is vital because one of the most effective ways to learn something is by doing it. Learning and mastering the basics of penetration testing is no different.

The single most crucial point of any hacker lab is the isolation of the network. You must configure your lab network in such a way that traffic can’t escape or travel outside the network. Mistakes happen and even the most careful people can fat-finger or mistype an IP address. It’s a simple mistake to mistype a single digit in an IP address, but that mistake can have drastic consequences for you and your future. It’d be a shame (and more importantly illegal) for you to run a series of scans and attacks against what you thought was your hacker lab target with an IP address of 172.16.1.1 only to find out later that you entered the IP address as 122.16.1.1.
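One way to catch the mistyped-address mistake described above before any tool runs is to vet every target against the lab's address range. The following is an added example, not part of the original text; the lab range 172.16.1.0/24 is an assumption (the article only names the host 172.16.1.1), and the function names are hypothetical.

```python
import ipaddress

# Assumption: the lab uses 172.16.1.0/24; the article only names 172.16.1.1.
LAB_NETWORKS = [ipaddress.ip_network("172.16.1.0/24")]


def check_target(target, lab_networks=LAB_NETWORKS):
    """Return (allowed, reason) for one target: a literal IP address or CIDR block."""
    try:
        # strict=False accepts CIDR input with host bits set, e.g. 172.16.1.5/28
        net = ipaddress.ip_network(target.strip(), strict=False)
    except ValueError:
        # Hostnames are refused: DNS could resolve them to a host outside the lab.
        return False, "not a literal IP address or CIDR block"
    if not net.is_private:
        return False, "publicly routable address"
    for lab in lab_networks:
        # The whole target range must sit inside a lab network, not merely overlap it.
        if net.version == lab.version and net.subnet_of(lab):
            return True, f"inside lab network {lab}"
    return False, "private address, but outside the lab network"


def vet_targets(targets, lab_networks=LAB_NETWORKS):
    """Split targets into (approved, rejected); rejected entries carry a reason."""
    approved, rejected = [], []
    for target in targets:
        ok, reason = check_target(target, lab_networks)
        if ok:
            approved.append(target)
        else:
            rejected.append((target, reason))
    return approved, rejected


if __name__ == "__main__":
    # Constructed sample input: the intended target, the one-digit typo from the
    # text, and a few other entries that should not pass.
    sample = ["172.16.1.1", "122.16.1.1", "172.16.1.0/28",
              "172.16.2.7", "victim.lab", "172.16.0.0/16"]
    approved, rejected = vet_targets(sample)
    print("approved:", approved)
    for target, reason in rejected:
        print(f"REJECTED {target}: {reason}")
```

Run the check on a target list first and pass only the approved entries to your tools; an empty rejected list is the condition for proceeding.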

The simplest and most effective way to create a sandboxed or isolated environment is to physically unplug or disconnect your network from the Internet. If you’re using physical machines, it’s best to rely on hardwired Ethernet cables and switches to route traffic. Also be sure to double (and triple) check that all of your wireless NICs are turned off. Always carefully inspect and review your network for potential leaks before continuing.

Although the use of physical machines to create a hacking lab is an acceptable solution, the use of virtual machines provides several key benefits. First, given today’s processing power, it’s easy to set up and create a mini hacking lab on a single machine or laptop. In most cases, an average machine can run two or three virtual machines simultaneously because our targets can be set up using minimal resources. Even running on a laptop, it’s possible to run two virtual machines at the same time. The added benefit of using a laptop is the fact that your lab is portable. With the cheap cost of external storage today, it’s easy to pack hundreds of virtual machines on a single external hard drive; these can be easily transported and set up in a matter of minutes. Anytime you’re interested in practising your skills or exploring a new tool, simply open up Linux and deploy a VM as a target. Setting up a lab like this gives you the ability to quickly plug-and-play various operating systems and configurations.

Another benefit of using virtual machines in your pen-testing lab is the fact that it’s very simple to sandbox your entire system. Simply turn off the wireless card and unplug the cable from the Internet. Your physical machine and virtual machines will still be able to communicate with each other and you can be certain that no attack traffic will leave your physical machine.

In general, penetration testing is a destructive process. Many of the tools and exploits we run can cause damage or take systems offline. In some cases, it’s easier to reinstall the OS or program rather than attempt to repair it. This is another area where VMs shine. Rather than having to physically reinstall a program like SQL Server or even an entire operating system, the VM can be quickly reset or restored to its original configuration.