Expanding capability horizons : Homelabs and beyond

Expanding capability horizons Home labs and beyond Anant Shrivastava Founder – Cyfinoid Research

Anant Shrivastava Chief researcher @ Cyfinoid Research ● 15+ yrs of corporate exposure ● Speaker / Trainer BlackHat, c0c0n, nullcon, RootConf, RuxCon ● Open Projects: ○ Code Vigilant ○ Hacking Archives of India, ○ TamerPlatform ● https://anantshri.info (@anantshri on social platforms) (c) Anant Shrivastava 2

Agenda • InfoSec Landscape • Specialization • Power of Practice • Home Labs • Technology Advancements • Setting Up Labs: Key Questions (c) Anant Shrivastava 3

(c) Anant Shrivastava 4

Specialization OFFENSE DEFENSE DETECTION (c) Anant Shrivastava AUDIT DEVELOPMENT ADMINISTRATION 5

Specialization and Its Perils Missing Cross functional knowledge Gaps in understanding Unaware of demographic context Unaware of ground realities (c) Anant Shrivastava 6

Bridging the Gap by self learning Self – learning is simplest approach Builds cross functional capabilities (c) Anant Shrivastava Enables empathy for the other teams 7

Home Labs One of the solutions (c) Anant Shrivastava 8

Why now? Technological Advancements Free resources Cloud services (c) Anant Shrivastava Automation 9

Security should be enabler Firsthand experience Builds confidence Provides background Empathy (c) Anant Shrivastava 10

Home lab: What should I Build Host your own server Solve Problems COTS products Raspberry pi based pi-hole Container applications NAS / Cloud HTTP Isolated network for iOT devices DNS VPN Network to connect devices Firewall Password Manager (c) Anant Shrivastava 11

Home Lab Questions? DO I NEED MY OWN HARDWARE? HOW MUCH DO I NEED TO UPSKILL? (c) Anant Shrivastava MAINTENANCE CHALLENGES 12

Do I need my own Hardware? For some scenarios yes Lots of Cloud resources are free NAS Website Pi-hole etc server https://free-for.dev/ (c) Anant Shrivastava 13

Upskilling Required LOTS OF PUBLIC RESOURCES TO GET STARTED ALSO MAKES YOU LEARN BY EXPERIMENTATION (c) Anant Shrivastava 14

Maintenance Challenges Software upgrades Hardware errors (c) Anant Shrivastava BCP / DR Challenges 15

Software upgrades Maintain Inventory Subscribe to feeds to get updates about upgrades Perform periodic upgrades Tried Slack and email router upgrades needs approval when its cricket or evening show time Currently using a feed/email reader : read.readwise.com (c) Anant Shrivastava 16

Hardware Issues Reading SMART data helps Not ignoring that sudden sharp noise helps You get more conscious about subtle ir-regularity in hardware behaviour I don’t recommend keeping a lot of spares: spares are a quick amazon or Flipkart order away. (c) Anant Shrivastava 17

Backup 3-2-1 Setup 3 COPIES OF DATA 2 DIFFERENT TYPE OF MEDIA (c) Anant Shrivastava 1 COPY OFF-SITE 18

My Setup @ Home • Own router to keep constant IP Address schema • Pi-Hole to block traffic • NAS to store data (Photo, Videos, Audio and Backup) • Tailscale to provide VPN network for devices • Personal Server to host containers or VM’s • Self Hosted LLM Instance : Trained on PKM Data (c) Anant Shrivastava 19

My Setup: Cloud Self Hosted Static Sites • Anantshri.info • HackingArchivesofIndia.com • Tamerplatform.com • Codevigilant.com Self Hosted Fediverse Instance • Social.anantshri.info : Mastodon / Activitypub Capable Server (c) Anant Shrivastava 20

Sadistic Self Hosted LLM (c) Anant Shrivastava 21

Holistic Growth • Understanding networking • Managing Servers • Setting up Backup and recovery process • Network Monitoring • VPN connectivity • Software deployment and maintenance • Automation Capabilities (c) Anant Shrivastava 22

(c) Anant Shrivastava 23