The main part of my honeypot network is an amazing piece of free open-source software called the ‘Modern Honeypot Network’, or MHN for short. MHN acts as a centralised server allowing for the automated deployment of various honeypots (Dionaea, WordPot, etc) and the collection of data generated by those honeypots. This data is then presented to the user via a web interface.
In this post I’m going to be detailing the steps I took to setup my very own MHN server and deploying my first honeypot.
It recently occurred to me that simple tasks such as setting up an internal web server or database were taking too long. Each time I needed to setup a website I was manually provisioning a VM, installing Debian, configuring the system by hand, installing Nginx, etc. There has to be a better way.
Enter docker. I’ve know about containers for awhile now but have yet to take a look. In this post I’m going to be installing Docker within my HomeLab on top of VMware’s new Photon OS, and showing how to manage the system with Portainer.
With the release of vSphere 6.5 VMware have drastically improved the state of vSphere security by implementing new features such as VM-level disk encryption, encrypted vMotion and support for the new secure boot model. Unfortunately, unlike Microsoft’s Hyper-V, VMware took the path of relying upon an entirely separate key management system for the storing of encryption keys.
In this guide I’m going to be showing you how to setup vSphere’s encryption features from scratch, suitable key management solutions, and my personal recommendations.
My HomeLab network was recently treated to a networking upgrade in the form of a Cisco Nexus 5010 switch. Whilst it’s been working absolutely fine, it occurred to me the version of NX-OS (Cisco’s operating system for Nexus devices) installed was from 2009 and could probably do with an update.
Nexus devices run NX-OS, not Cisco iOS, as is typically seen on other Cisco products such as the Catalyst switch range. As such the upgrade process is a little different for this operating system.
In this post I’ll be showing how I sourced the firmware for my device and the steps required to update it to the latest NX-OS version as of September 2018.
My home Wi-Fi password has always been rather simple and memorable. It makes it easy to give out to guests, input on devices without keyboards, and remember when needed. I always knew it was a little insecure, but how insecure?
In this post I’ll be showing you how you can put your home WPA2 Wi-Fi network password to the test with free open-source tools and less than £30 worth of hardware.
The recently launched Optane 900P solid state drive is Intel’s first consumer storage product to depart from the use of conventional NAND flash and instead utilise Intel’s much newer 3D XPoint technology.
3D XPoint promises higher random I/O performance (up to 550K read IOPS), lower latencies and far better endurance.
In this post I’ll be installing an Intel Optane 900P SSD in my HomeLab and taking a look at its real world performance within a VMware ESXi environment. Most importantly, we’ll see how the added performance translates into real-world improvements with Windows virtual machines.
Shortly after publishing my previous blog post, I accidentally stumbled upon Barkly. They represent a new breed of security technologies which have departed from traditional signature based detection methods and instead utilise machine learning and behaviour analysis for malware prevention.
At the time, I hadn’t heard of Barkly before. After a quick search online I found no independent reviews or any real exposure within IT communities such as Reddit’s /r/Sysadmin, /r/NetSec or Spiceworks. This needed to change, so I reached out to Barkly for a review copy and they were kind enough to hook me up with a trial.
In this post I’ll be putting Barkly through its paces and seeing how well it performs against a variety of threats, including ransomware, trojans, and exploits.
About two years ago, I stumbled upon Cylance. They marketed their product, CylancePROTECT, as being ‘next
generation’ security software, utilising artificial intelligence and machine learning to beat malware and other online threats. Instantly I was intrigued. Wanting to know more, I started looking online for community reviews and/or downloadable trials. Unfortunately neither seemed to exist, so I put a bookmark in my browser and decided to return again another day.
Fast track to today, and things have changed. There’s been a public AMA on Reddit, NSS Labs and AV-TEST have tested the product, and best of all, it can now be purchased for use on individual PCs via MalwareManaged.
In this blog post I’m going to be testing the security effectiveness of Cylance PROTECT, and putting it head to head with other competing products from TrendMicro, ESET, Sophos, Webroot and Malwarebytes.
Even though they’ve been out in preview for almost a year, I only recently found out about Azure Server Management Tools! In essence, it’s a light version of Microsoft’s ‘Server Manager’ ported to the Azure web management GUI.
If you have a hybrid cloud deployment to Azure, or are looking for ways to manage on-premise Windows VM’s (including Nano), this tool could be for you.
In this quick guide, I’m going to show you how to setup a monitoring in Azure, installing the gateway agent, and some use scenarios.
2018 Update: Microsoft have unfortunately dropped support for Hyper-V on Server Nano. Windows Server Core should now be used instead.
Hyper-V Nano server is Microsoft’s true answer to VMware’s ESXi hypervisor. It weighs in at a tiny 500MB (approx) disk footprint and completely cuts out any sort of GUI, instead solely relying on remote management.
This really is the future of the Windows Server ecosystem: significantly reduced attack surface (92% fewer ‘critical’ vulnerabilities), scriptable PowerShell remote management, and a tiny disk footprint.
In this post I’m going to detail the steps I followed to setup a Windows Server 2016 Hyper-V Nano server image, and install it to the internal SD card of my home lab server, a HP ProLiant DL360 Gen8.
Before getting started, you’re going to need a few things.:
The image builder tool will need direct access to a USB flash disk, so this needs to be done on a physical Windows PC or a Mac running parallels.
This guide is going to be in three main parts. Building our custom Nano Server image, then onto generating the installation ISO/USB flash drive based on WinPE, and finally installing to the actual SD card.
Once we have generated a working installation USB drive or ISO, you can use this over and over again to easily install Nano Server.
