
Home Lab

Overview

I am planning to consolidate my scattered home lab into a single, purpose-built architecture that covers both malware analysis/development and threat detection. I used one old laptop and a Dell Micro; their specs are sufficient for my requirements. I'm using Proxmox for virtualization as it's an open-source hypervisor with all the features I need: cloning, snapshots, backups, and network management.

Requirement

Name         Cores   RAM (GB)   Disk (GB)   Remark
Asus PN41    2       8          512         Optional
Micro 3070   4       32         1024        Required
Laptop       8       32         512         Required
RPi3         4       1          16          Optional
RPi3         4       1          32          Optional

Description

The malware lab setup includes a Windows target machine, Active Directory, a Windows machine with FLARE and Sentinel configured, and REMnux. Logs from all hosts will be forwarded to Wazuh and Splunk for analysis and detection. Splunk is used to analyse the raw logs, while Wazuh will be configured with Sigma and YARA rules for detection alongside its native ruleset. I am also considering adding a network tap with Suricata.
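To make concrete what the Sigma-based detection layer is checking, here is an added example (not the author's Wazuh configuration and not a published Sigma rule): a minimal matcher that applies one constructed Sigma-style rule to constructed Sysmon process-creation events, the kind of records the Wazuh agent forwards from the Windows hosts. Wazuh consumes its own XML rule format rather than Sigma YAML, so in the real lab the Sigma rules have to be converted to Wazuh rules first; this script only models the selection semantics (field modifiers, list = OR, keys in a selection = AND, boolean condition), which are the part that carries over. The rule, field names, and log records below are all assumptions made for the example.

```python
"""Minimal Sigma-style matcher over constructed Sysmon Event ID 1 records.

Added example for this post; not the author's Wazuh rules. The rule and the
events are constructed and use only documentation (TEST-NET) addresses.
"""
import re

# Constructed rule in the shape of a Sigma detection block (assumption, not a
# published rule): an Office application spawning a living-off-the-land binary.
RULE = {
    "title": "Office application spawning LOLBin",
    "detection": {
        "selection_parent": {"ParentImage|endswith": ["\\winword.exe", "\\excel.exe"]},
        "selection_child": {"Image|endswith": ["\\mshta.exe", "\\rundll32.exe", "\\powershell.exe"]},
        "condition": "selection_parent and selection_child",
    },
}

# Constructed Sysmon process-creation events, flattened to dicts the way a
# log pipeline would hand them to a rule engine (field names are assumptions).
EVENTS = [
    {"RecordNumber": 1001, "EventID": 1,
     "Image": "C:\\Windows\\System32\\mshta.exe",
     "ParentImage": "C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE",
     "CommandLine": "mshta.exe https://192.0.2.10/launcher.hta"},
    {"RecordNumber": 1002, "EventID": 1,
     "Image": "C:\\Windows\\System32\\rundll32.exe",
     "ParentImage": "C:\\Windows\\explorer.exe",
     "CommandLine": "rundll32.exe shell32.dll,Control_RunDLL"},
    {"RecordNumber": 1003, "EventID": 1,
     "Image": "C:\\Windows\\System32\\cmd.exe",
     "ParentImage": "C:\\Program Files\\Microsoft Office\\root\\Office16\\EXCEL.EXE",
     "CommandLine": "cmd.exe /c echo hello"},
]


def _match_value(actual, modifier, expected):
    """Apply one Sigma string modifier; Sigma string matching is case-insensitive."""
    a, e = str(actual).lower(), str(expected).lower()
    if modifier is None:
        return a == e
    if modifier == "contains":
        return e in a
    if modifier == "startswith":
        return a.startswith(e)
    if modifier == "endswith":
        return a.endswith(e)
    raise ValueError(f"unsupported modifier: {modifier}")


def selection_matches(selection, event):
    """Every key in a selection must match (AND); a list of values is an OR."""
    for key, expected in selection.items():
        field, _, modifier = key.partition("|")
        if field not in event:
            return False
        values = expected if isinstance(expected, list) else [expected]
        if not any(_match_value(event[field], modifier or None, v) for v in values):
            return False
    return True


def evaluate_condition(condition, truth):
    """Evaluate a Sigma condition ('and', 'or', 'not', parentheses) over
    a dict of selection name -> bool, with a small recursive-descent parser."""
    tokens = re.findall(r"\(|\)|\w+", condition)
    pos = 0

    def parse_or():
        nonlocal pos
        left = parse_and()
        while pos < len(tokens) and tokens[pos] == "or":
            pos += 1
            right = parse_and()          # always parse, so pos advances
            left = left or right
        return left

    def parse_and():
        nonlocal pos
        left = parse_not()
        while pos < len(tokens) and tokens[pos] == "and":
            pos += 1
            right = parse_not()
            left = left and right
        return left

    def parse_not():
        nonlocal pos
        if tokens[pos] == "not":
            pos += 1
            return not parse_not()
        if tokens[pos] == "(":
            pos += 1
            value = parse_or()
            pos += 1                     # consume the closing ')'
            return value
        name = tokens[pos]
        pos += 1
        return truth[name]               # KeyError on an undefined selection

    return parse_or()


def match_rule(rule, event):
    """True if the rule's condition holds for this event."""
    detection = rule["detection"]
    truth = {name: selection_matches(sel, event)
             for name, sel in detection.items() if name != "condition"}
    return evaluate_condition(detection["condition"], truth)


def run_detection(rule, events):
    """Return (RecordNumber, rule title) for every event the rule fires on."""
    return [(e["RecordNumber"], rule["title"]) for e in events if match_rule(rule, e)]


if __name__ == "__main__":
    for record, title in run_detection(RULE, EVENTS):
        print(f"ALERT record={record} rule={title!r}")
```

Only record 1001 fires: 1002 has the right child but a benign parent, and 1003 has an Office parent but a child outside the rule's list. The same matcher can take a third selection named in the condition with `not` (a filter for known-good command lines), which is how Sigma rules usually suppress false positives.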

This will be expanded as the lab evolves, and the full setup and configuration will be written up in a separate article.

This post is licensed under CC BY 4.0 by the author.