Expanding capability horizons : Homelabs and beyond
A presentation at c0c0n 2023 in in Kochi, Kerala, India by Anant Shrivastava
Expanding capability horizons Home labs and beyond Anant Shrivastava Founder – Cyfinoid Research
Anant Shrivastava Chief researcher @ Cyfinoid Research ● 15+ yrs of corporate exposure ● Speaker / Trainer BlackHat, c0c0n, nullcon, RootConf, RuxCon ● Open Projects: ○ Code Vigilant ○ Hacking Archives of India, ○ TamerPlatform ● https://anantshri.info (@anantshri on social platforms) (c) Anant Shrivastava 2
Agenda • InfoSec Landscape • Specialization • Power of Practice • Home Labs • Technology Advancements • Setting Up Labs: Key Questions (c) Anant Shrivastava 3
(c) Anant Shrivastava 4
Specialization OFFENSE DEFENSE DETECTION (c) Anant Shrivastava AUDIT DEVELOPMENT ADMINISTRATION 5
Specialization and Its Perils Missing Cross functional knowledge Gaps in understanding Unaware of demographic context Unaware of ground realities (c) Anant Shrivastava 6
Bridging the Gap by self learning Self – learning is simplest approach Builds cross functional capabilities (c) Anant Shrivastava Enables empathy for the other teams 7
Home Labs One of the solutions (c) Anant Shrivastava 8
Why now? Technological Advancements Free resources Cloud services (c) Anant Shrivastava Automation 9
Security should be enabler Firsthand experience Builds confidence Provides background Empathy (c) Anant Shrivastava 10
Home lab: What should I Build Host your own server Solve Problems COTS products Raspberry pi based pi-hole Container applications NAS / Cloud HTTP Isolated network for iOT devices DNS VPN Network to connect devices Firewall Password Manager (c) Anant Shrivastava 11
Home Lab Questions? DO I NEED MY OWN HARDWARE? HOW MUCH DO I NEED TO UPSKILL? (c) Anant Shrivastava MAINTENANCE CHALLENGES 12
Do I need my own Hardware? For some scenarios yes Lots of Cloud resources are free NAS Website Pi-hole etc server https://free-for.dev/ (c) Anant Shrivastava 13
Upskilling Required LOTS OF PUBLIC RESOURCES TO GET STARTED ALSO MAKES YOU LEARN BY EXPERIMENTATION (c) Anant Shrivastava 14
Maintenance Challenges Software upgrades Hardware errors (c) Anant Shrivastava BCP / DR Challenges 15
Software upgrades Maintain Inventory Subscribe to feeds to get updates about upgrades Perform periodic upgrades Tried Slack and email router upgrades needs approval when its cricket or evening show time Currently using a feed/email reader : read.readwise.com (c) Anant Shrivastava 16
Hardware Issues Reading SMART data helps Not ignoring that sudden sharp noise helps You get more conscious about subtle ir-regularity in hardware behaviour I don’t recommend keeping a lot of spares: spares are a quick amazon or Flipkart order away. (c) Anant Shrivastava 17
Backup 3-2-1 Setup 3 COPIES OF DATA 2 DIFFERENT TYPE OF MEDIA (c) Anant Shrivastava 1 COPY OFF-SITE 18
My Setup @ Home • Own router to keep constant IP Address schema • Pi-Hole to block traffic • NAS to store data (Photo, Videos, Audio and Backup) • Tailscale to provide VPN network for devices • Personal Server to host containers or VM’s • Self Hosted LLM Instance : Trained on PKM Data (c) Anant Shrivastava 19
My Setup: Cloud Self Hosted Static Sites • Anantshri.info • HackingArchivesofIndia.com • Tamerplatform.com • Codevigilant.com Self Hosted Fediverse Instance • Social.anantshri.info : Mastodon / Activitypub Capable Server (c) Anant Shrivastava 20
Sadistic Self Hosted LLM (c) Anant Shrivastava 21
Holistic Growth • Understanding networking • Managing Servers • Setting up Backup and recovery process • Network Monitoring • VPN connectivity • Software deployment and maintenance • Automation Capabilities (c) Anant Shrivastava 22
(c) Anant Shrivastava 23
This presentation focused on building your homelabs and using that to grow and upskill yourself.
