Setting Up a Lab

What will you need for a lab as a cyber security researcher? You will need a computer, that is for sure. What kind of computer? Several, actually: you will need to run several operating systems and several programming languages, with an editor or IDE for writing programs and a compiler for building some of them. A router or two, or at least an emulator. A web server or two. Some software tools. And plenty of Internet access.

You do not need to get everything I discuss here at once. But you will need a computer, an operating system, and some kind of programming language, which will come with some kind of editor for writing programs.

A Computer

Let's take this step by step. You will need a computer; that is pretty much a given. The more memory and disk it has, the better off you will be, especially once you start running virtual machines. Students can usually purchase computers at a discount from a variety of sources, and several charities and charitable programs offer refurbished computers to students at little or no charge. Inquire with Microsoft and Dell, and shop around. Best Buy also sells refurbished and clearance computers.

If you are an eager beaver, you can try scavenging a discarded computer. It will take some work to repair, which is experience for you. I have seen people with no background at all pick up computers left on the curb and get them working.

Operating Systems

When I say you will need several computers, I mean you will need to run several operating systems. At least, you should. This can be done on one machine with a dual boot, or with virtual machines. Or you can dive deep into just one operating system, which is a good way to get started.

Windows and Linux (or Unix) are very popular operating systems, and you should learn them. Windows is proprietary: it is made by a company, Microsoft, and sold for money, and there is no way around that. There are lots of Windows-powered machines, so knowing Windows is definitely desirable in cybersecurity. Linux, and Unix variants such as the BSDs, can be acquired for free as open source software. Open source software is software whose programming code is publicly available. Ubuntu is an example of a Linux distribution. Solaris is Oracle's Unix; it can be downloaded free for evaluation and development use, but note that Oracle no longer publishes its source code, so it is not open source in the way Ubuntu is.

Studying an open source operating system, reading its source code to learn how it works, will teach you a lot about programming and operating systems. It is also the way to understand what its vulnerabilities are. I will talk more about this later.

For Solaris, go to oracle.com/solaris. For Ubuntu, go to ubuntu.com. Both sites have lots of information about how to download and install their respective operating systems in a variety of scenarios. I would strongly suggest burning the install image you downloaded to a DVD (or writing it to a USB stick) and keeping it. Before you do, check the downloaded image against the checksums the site publishes, so that a corrupted or tampered download does not become the foundation of your lab. With the media kept, if the system gets corrupted later on, you can simply reinstall it and update it, and you are back to square one easily. The install media does not save your data, though; that is the lesson in the necessity and utility of backups (making copies of your data and programs).
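Checking an image against the published checksums is a step people skip because it feels like busywork. Here is what the check actually does, as an added example written for this page (it is not code from Ubuntu or Oracle). It assumes the coreutils SHA256SUMS format that Ubuntu publishes, one "<hex digest> *<filename>" line per image; the sample image, its sums file and the tampered copy are constructed in a temporary directory so the example runs offline.

```python
"""Verify a downloaded installer image against a SHA256SUMS file.

Added example for this page, not code from any distribution's tooling.
Assumes the coreutils format Ubuntu uses: "<hex digest> *<filename>".
"""
import hashlib
import hmac
import os
import shutil
import tempfile


def parse_sha256sums(text):
    """Return {filename: hexdigest} from SHA256SUMS-style lines."""
    sums = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition(" ")
        # coreutils marks binary-mode entries with a leading '*'
        sums[name.strip().lstrip("*")] = digest.lower()
    return sums


def sha256_of_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so a multi-gigabyte ISO is not loaded into RAM."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_image(image_path, sums_path):
    """True only if the image's digest matches its entry in the sums file."""
    with open(sums_path, encoding="utf-8") as f:
        sums = parse_sha256sums(f.read())
    expected = sums.get(os.path.basename(image_path))
    if expected is None:
        return False  # no entry for this file: refuse rather than assume
    actual = sha256_of_file(image_path)
    # Constant-time comparison; a plain == would do here, but it is the habit.
    return hmac.compare_digest(actual, expected)


def demo():
    """Constructed fixture: a fake ISO, its correct sums file, then a flipped byte."""
    tmp = tempfile.mkdtemp()
    try:
        iso = os.path.join(tmp, "ubuntu-example.iso")  # hypothetical file name
        with open(iso, "wb") as f:
            f.write(b"not really an ISO, just sample bytes\n" * 1000)
        sums = os.path.join(tmp, "SHA256SUMS")
        with open(sums, "w", encoding="utf-8") as f:
            f.write(f"{sha256_of_file(iso)} *ubuntu-example.iso\n")
        results = {"clean": verify_image(iso, sums)}
        # Simulate a corrupted or tampered download: change a single byte.
        with open(iso, "r+b") as f:
            f.seek(10)
            f.write(b"X")
        results["tampered"] = verify_image(iso, sums)
        # A file the sums file does not list must fail too.
        results["unlisted"] = verify_image(os.path.join(tmp, "other.iso"), sums)
        return results
    finally:
        shutil.rmtree(tmp)


if __name__ == "__main__":
    print(demo())
```

A checksum only proves the bytes you have match the bytes the site lists. If both were served from the same compromised mirror, the check passes anyway, which is why Ubuntu also publishes a detached GPG signature (SHA256SUMS.gpg) for the sums file; verify that signature against Ubuntu's signing key before trusting the sums.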

Both Solaris and Ubuntu will dual boot with Windows.

Ubuntu is open source. You can download the source code and study it; with the deb-src repositories enabled, apt-get source fetches the source of any package on the system.

Then there is Apple. Not having much experience with Apple, I cannot advise you much about it. But, like Microsoft, Apple is proprietary, and running macOS requires purchasing an Apple computer. Unlike Windows, Linux or Unix, which can run on generic, brand X PC hardware, Apple's operating system is licensed only for Apple hardware.

Android is an operating system usually run on a phone. It was made by Google and, like many operating systems, is based on the Linux kernel (which is modelled on Unix). Android itself is open source (the Android Open Source Project, released under the Apache 2.0 licence). The tools to work with an Android device are a free download from Google: Android Studio, the current official IDE (the older Eclipse-based Android tools are no longer maintained), and the SDK platform tools, which include adb, the command-line tool you use to poke around the files on an Android device. Needless to say, you will need a USB cable to connect your phone to your computer, and USB debugging enabled in the phone's developer options. I will discuss this in more detail when discussing cellphones.

Development Environments

An IDE is an "Integrated Development Environment": a program that includes an editor and the other tools you need to make software. The editor will usually flag errors in the code as you type, and the IDE can build and run the program for you. The environments also have debugging tools, especially a step-through mode that lets you see what the program does at each point. That is very useful for figuring out why your program is not doing what you thought you designed it to do.

Microsoft makes an IDE called Visual Studio. It is very powerful: it includes a C/C++ editor and compiler as well as tools for working with MS SQL Server. The Community edition is now free. Beware, Visual Studio is very large and has many options that may confuse you. Having said that, many programmers use it precisely because of the many options it has.

Eclipse is a free, open source programming tool developed and distributed by the Eclipse Foundation. Eclipse supports many programming languages: Java, PHP, C/C++, Python, and JavaScript, to name a few. You can view their website for more info at http://www.eclipse.org/ and download an IDE from https://www.eclipse.org/downloads/eclipse-packages/

Dev-C++, from Bloodshed Software, is a C/C++ IDE that is free and distributed under the GNU GPL. It is available at https://bloodshed.net/devcpp.html It is smaller and takes fewer resources than Eclipse.

Programming Languages

To acquire C/C++ or Python, you can use one of the IDEs above. For Python there is another good option that is less cumbersome than Eclipse or Visual Studio: the standard Python distribution from python.org ships with its own small IDE, IDLE. It is quite good and simple to use.

Databases

Microsoft (MS) SQL Server, in a limited version, comes with Visual Studio.

MySQL Community Edition can be downloaded free from Oracle at https://www.mysql.com/

If you install Ubuntu, it comes with lots of "bundled" software: software added to the release that is not part of the operating system proper, plus thousands more packages in its repositories that you install with apt. Python 3 is installed by default; MySQL (the mysql-server package) and, on older releases, Python 2 are a package install away.

Sandboxes

A sandbox is software that contains a running program and does not let it read or write (change) files outside its own domain. So, for example, you set up your email reader so that it cannot access any files beyond the sandbox's own directory. That lets you open an attachment and see what it does without it being able to reach the rest of your files. That is just one example. Keep in mind that a sandbox is a boundary, not a guarantee: malware can look for signs that it is sandboxed and stay quiet, and a bug in the sandbox itself can let it out.

Sandboxie is a very popular free sandbox program for Windows, available from https://www.sandboxie.com/
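To make "does not allow the program to read or write files outside its domain" concrete, here is the core check a sandbox's file broker performs, as an added example written for this page (it is not Sandboxie's code, nor any real sandbox's). The names (resolve_in_sandbox, sandboxed_read) and the directory fixture are this example's own. It resolves every requested path to its real location before deciding, which is what defeats the two classic escapes: ".." traversal and a symlink that points outside the sandbox.

```python
"""Path confinement, the rule a file-access sandbox enforces.

Added example for this page, not code from Sandboxie or any other sandbox.
"""
import os
import shutil
import tempfile


def resolve_in_sandbox(root, requested):
    """Return the real absolute path if `requested` stays under `root`, else None.

    realpath() collapses '..' components and follows symlinks, so a request
    is judged by where it really lands, not by how it is spelled.
    """
    root_real = os.path.realpath(root)
    target = os.path.realpath(os.path.join(root_real, requested))
    if os.path.commonpath([root_real, target]) != root_real:
        return None
    return target


def sandboxed_read(root, requested):
    """Read a file only if it resolves inside the sandbox directory."""
    target = resolve_in_sandbox(root, requested)
    if target is None:
        raise PermissionError(f"{requested!r} escapes sandbox {root!r}")
    # Caveat: between this check and the open, a symlink could be swapped
    # (a TOCTOU race). Real sandboxes close that window with kernel support
    # (e.g. openat2 with RESOLVE_BENEATH on Linux), not a userspace check.
    with open(target, "rb") as f:
        return f.read()


def demo():
    """Constructed fixture: a sandbox dir, a file inside it, a secret outside,
    and a symlink inside the sandbox that points above it."""
    tmp = tempfile.mkdtemp()
    try:
        root = os.path.join(tmp, "mailbox")  # hypothetical sandbox directory
        os.makedirs(os.path.join(root, "attachments"))
        with open(os.path.join(root, "attachments", "invoice.txt"), "wb") as f:
            f.write(b"harmless attachment")
        with open(os.path.join(tmp, "secret.txt"), "wb") as f:
            f.write(b"ssh private key")
        os.symlink(tmp, os.path.join(root, "escape"))

        results = {"inside": sandboxed_read(root, "attachments/invoice.txt")}
        attempts = {
            "dotdot": "../secret.txt",
            "symlink": "escape/secret.txt",
            "absolute": os.path.join(tmp, "secret.txt"),
        }
        for name, path in attempts.items():
            try:
                sandboxed_read(root, path)
                results[name] = "allowed"
            except PermissionError:
                results[name] = "denied"
        return results
    finally:
        shutil.rmtree(tmp)


if __name__ == "__main__":
    print(demo())
```

Note that the absolute-path attempt is denied too: os.path.join discards the sandbox root when the requested path is absolute, so the only safe test is on the resolved result, never on the string the program supplied.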

Virtual Machines

A virtual machine is a computer without its own physical components. How is that done? Well, you do need a physical computer, the host. But, for example, if I have a Windows machine, I can run another machine, a guest, inside a program on it. In effect, I open a new window that looks like and runs like a different computer, possibly with a different operating system.

Running a virtual machine takes a lot of resources. Modern CPUs (the computer's brain) have hardware support for virtualization (Intel VT-x, AMD-V), so most of the guest's code runs at native speed, but the guest needs its own share of RAM on top of the host's. Also, the guest's whole disk, its operating system and all its data, lives as a file on your computer's drive, so plan for tens of gigabytes per machine.

Virtual machines provide a very safe environment to test malicious and suspicious software without hurting a working, clean, unaffected machine. Take a snapshot of the clean VM, run the sample, and compare what changed: files, registry keys, processes, network connections. From this, you can reverse engineer what a piece of malware does and what it attacks. When you are done, revert to the snapshot. Two precautions: disconnect the VM's network adapter, or keep it on an isolated host-only network, so the sample cannot spread or phone home; and remember that some malware checks whether it is running in a VM and behaves differently if it is.
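The "compare what changed" step is where the analysis happens. Here is that step on a directory tree, as an added example written for this page (it is not VirtualBox code and is not how VirtualBox stores snapshots, which are whole-disk images): hash every file before and after running the sample, then diff the two manifests. The fake_sample function stands in for the suspicious program, and the tree it modifies is constructed in a temporary directory so the example runs offline.

```python
"""Diff two filesystem snapshots to see what a sample changed.

Added example for this page, not VirtualBox code. On a real VM you would
run the same manifest inside the guest before and after the sample, or
mount the before/after disk images from the host and hash them there.
"""
import hashlib
import os
import shutil
import tempfile


def snapshot(root):
    """Map each regular file (path relative to root) to its SHA-256 digest."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue  # symlinks are recorded separately in a real tool
            with open(full, "rb") as f:
                manifest[os.path.relpath(full, root)] = hashlib.sha256(f.read()).hexdigest()
    return manifest


def diff_snapshots(before, after):
    """Classify every path as added, removed or modified between two manifests."""
    common = set(before) & set(after)
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        "modified": sorted(p for p in common if before[p] != after[p]),
    }


def fake_sample(root):
    """Stand-in for the suspicious program: edits a config, drops a binary, wipes a log."""
    with open(os.path.join(root, "etc", "hosts"), "ab") as f:
        f.write(b"203.0.113.7 update.example.net\n")  # RFC 5737 documentation address
    with open(os.path.join(root, "tmp", "payload.bin"), "wb") as f:
        f.write(b"\x7fELF fake payload")
    os.remove(os.path.join(root, "var", "log", "auth.log"))


def demo():
    """Constructed miniature filesystem: snapshot, run the sample, snapshot, diff."""
    tmp = tempfile.mkdtemp()
    try:
        for sub in ("etc", "tmp", os.path.join("var", "log")):
            os.makedirs(os.path.join(tmp, sub))
        with open(os.path.join(tmp, "etc", "hosts"), "wb") as f:
            f.write(b"127.0.0.1 localhost\n")
        with open(os.path.join(tmp, "var", "log", "auth.log"), "wb") as f:
            f.write(b"login ok\n")
        before = snapshot(tmp)
        fake_sample(tmp)
        after = snapshot(tmp)
        return diff_snapshots(before, after)
    finally:
        shutil.rmtree(tmp)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

Hashing content rather than comparing timestamps matters: malware commonly resets a file's modification time after editing it, but it cannot make the edited bytes hash to the old value. Pair the file diff with a packet capture on the host-only network and a process listing taken inside the guest, and you have the three views (disk, network, memory) a first triage needs.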

Oracle makes VirtualBox, which is free to download. It is available at https://www.virtualbox.org/

Where Do You Start?

Start with getting a computer. If you can get Windows, that is good.

Get a copy of Linux and install it on your computer.

Get familiar with Windows and Linux.