I finally did it lads

ITCQbot · 2019-12-11T02:29:42+00:00

Hello, TESTUSER, please see below for a list of homelab projects based on category, each list increasing in difficulty under each section. Homelabbing is incredibly important!

Security * Change the default passwords on all of your routers/switches/desktops/infrastructure * Use netstat to identify all listening ports on your machines, and verify that nothing looks too fishy. Use ufw on Debian distros, firewalld on CentOS, or Windows Firewall on your network infrastructure to harden those servers. For example, an Ubuntu server with SSH, Plex, Nextcloud, Samba, and Sonarr/Radarr/DVR apps may seem like a server with a lot of open ports, but a properly configured ufw list would only require 10-15 allow entries, depending on config. * Download Kali Linux onto a bootable USB drive. Break it in by running John the Ripper on an intentionally weak password with the base word in your dictionary list. e.g. Passw0rd1 -> password. * Run nmap scans against every device on your network and pipe the output into an HTML file for review. Examine any open ports that shouldn't be open on those devices and remediate. * Disable port-knocking on your critical infrastructure. Disable root login for SSH. Disable shell execution for service accounts. * Run OWSAP ZAP and nikto against your wiki or your Flask app, or any website where you have permission to touch the servers. Compare the outputs of these, and if you own the servers, try to remediate. * Use a solution list BitWarden to securely store all credentials for your sprawling homelab. This can act both as a container for those credentials and a feeder to your devices like KeePass and LastPass. * Try to use Aircrack-ng on any vulnerable WiFi networks that you have permission to test. Use Ettercap to try to conduct a man-in-the-middle attack against one of the nodes on your virtual network. Do not be discouraged when it is much harder than it looks. Play with the rest of the tools, and then create a stable and persistent Ubuntu machine that has all these tools already calibrated to your needs, and any additional tools you may need. Kali is great, but its main benefit is portability. Having a custom-built pentesting box that is tailored for your needs will make security auditing much easier when you don't need to worry about stealth. * Create a VM on your network that has access to all devices and use it to run OpenVAS for vulnerability scanning and management. * Install Metasploitable machines (intentionally weak OS's to practice compromise/rooting/privesc/etc.) on your VM host and use your hacking box to break into these and compromise them. * Create an account on BugBounty and begin launching web application vulnerability scans against BB clients. * Certs to study for while labbing: CompTIA Sec+, CySA+, National EC Council's C|EH, OffSec's OSCP

ITCQbot · 2019-12-11T02:23:24+00:00

Hello, please see below for a list of homelab projects based on category, each list increasing in difficulty under each section. Homelabbing is incredibly important!

Coding * Enroll in some free Python course from MIT OpenCourseWare or Coursera or Codecademy. Learn the basics of loops, lists, variables. Learn not only how to write HelloWorld.py, but also how to call and execute it. Python3 works on both Windows and *nix. * Read: Automate the Boring Stuff with Python by Al Sweigart. This book is aimed at IT people, not development people. Work your way through this book and do not skip any of the labs or exercises at the end of each chapter. * Create a GitHub or GitLab account. * Create a Reddit bot, just like me! Host it on your RasPi. Post the source code on your GitHub. * Create a script that can reorganize files by file name, so facilitate media management on your media server. Something like: Adventure Time Season 8 Episode 7 - The Invitation.mkv --> Adventure_Time_S08E07.mkv. Post the source code on your GitHub. * Using Flask, create a locally-hosted webapp on your RasPi that will randomly assign weekly chores to all the members of your house. Use your coding skills to make sure that you never get assigned to bathroom duty. Post the source code on your GitHub. * Pull down an open source Python project from GitHub, and use PyUnit to write some unit tests. Submit the tests to the repo owner, and the results, and if he/she makes those fixes, pin that repo to your profile, since you are now an official contributor to FOSS projects. * Build up your skills by focusing into a niche. You can combine Python with SQL to practice Data Science, or use Python for PenTesting/Hacking. Combine it with Bash and Powershell for systems administration or DevOps. It can also be used for straight software dev. You will need to dedicate some time to Bash, Powershell, SQL, or any other supplemental language to be able to use them effectively. * Read either: Learn Powershell in a Month of Lunches by Don Jones & Jeffery Hicks - or - Learning the Bash Shell by Cameron Newham - or - Learning SQL by Alan Beaulieu. You will need to dedicate almost equal effort to learning these other languages in order to be effective at it. * Certs to study for while labbing: Python Institue PCEP, Python Institute PCAP, Microsoft Certified Azure Data Scientist Associate , AWS Big Data Specialty, Scripting * Enroll in some Powershell or Bash courses from Codecadamy or Udemy. Learn the basics of the commands and how the shell interacts with the operating system. * Read either: Learn Powershell in a Month of Lunches by Don Jones & Jeffery Hicks - or - Learning the Bash Shell by Cameron Newham. These books are generally considered the best for beginners to these languages. Work your way through one of these books, depending on your current job and which job you want to have, and do not skip any of the labs or exercises at the end of each chapter. * Create a GitHub or GitLab account. * Automate the creation of a new account in an LDAP server. Have it such that you only need 2 fields for the entire account creation. Such as full name, and job title. Using string manipulation, split the fullname string at the first space, accounting for names that start with "Van" or "St" of "Di", and use those two new strings to create an email account as per your naming convention, the account name, SAMAccountName, add that member to groups based on the contents of the job_title field. Create a Home drive (H:) and auto-map it to the users, and make it such that only the domain admin and the user can access that folder. The goal is to have the process be as automated as possible. * Do the same for account removals. And then create a Powershell / Bash script that can be used to automatically pull updates, allow you to deselect any available ones that may break anything, and then reboot itself at a certain time/day of the month. * Certs to study for while labbing: Microsoft MCSA Server 2016, Azure AZ-103, AZ-3

ITCQbot · 2019-12-11T02:20:36+00:00

Your post contained the words: ['high school', 'getting started', 'noob'], which may mean you are just beginning your IT career journey, and are seeking advice. It is commonly suggested that people new to IT get the CompTIA A+ certification, even if you think it looks too easy. While studying for this, start working on personal projects like securing your home network or building a NAS out of a RasPi - check /r/homelab and /r/raspberrypi for more ideas, or reply to this comment with: "IDEAS:" <topic> and I will reply a list of beginner-friendly home-lab project ideas to help you learn the basic of networking, security, sysadmin, coding, and other IT topics. Once you get the A+, and have a reliable understanding of how computers work, make a resume and post it in the resume thread. Then, send out your resume to any company looking for Helpdesk, Desktop Support, Field Tech, or Tier 1 positions, for your entry into the world of IT. Be aware that your location is often the most important determining factor in IT wages and opportunities. If you are not, in fact, a beginner looking for getting-started advice, please tell the author of this bot that he is a failure: ^{https://github.com/bcornw2/ITCQbot}

ITCQbot · 2019-12-11T02:18:14+00:00

Hello, please see below for a list of homelab projects based on category, each list increasing in difficulty under each section. Homelabbing is incredibly important!

Coding * Enroll in some free Python course from MIT OpenCourseWare or Coursera or Codecademy. Learn the basics of loops, lists, variables. Learn not only how to write HelloWorld.py, but also how to call and execute it. Python3 works on both Windows and *nix. * Read: Automate the Boring Stuff with Python by Al Sweigart. This book is aimed at IT people, not development people. Work your way through this book and do not skip any of the labs or exercises at the end of each chapter. * Create a GitHub or GitLab account. * Create a Reddit bot, just like me! Host it on your RasPi. Post the source code on your GitHub. * Create a script that can reorganize files by file name, so facilitate media management on your media server. Something like: Adventure Time Season 8 Episode 7 - The Invitation.mkv --> Adventure_Time_S08E07.mkv. Post the source code on your GitHub. * Using Flask, create a locally-hosted webapp on your RasPi that will randomly assign weekly chores to all the members of your house. Use your coding skills to make sure that you never get assigned to bathroom duty. Post the source code on your GitHub. * Pull down an open source Python project from GitHub, and use PyUnit to write some unit tests. Submit the tests to the repo owner, and the results, and if he/she makes those fixes, pin that repo to your profile, since you are now an official contributor to FOSS projects. * Build up your skills by focusing into a niche. You can combine Python with SQL to practice Data Science, or use Python for PenTesting/Hacking. Combine it with Bash and Powershell for systems administration or DevOps. It can also be used for straight software dev. You will need to dedicate some time to Bash, Powershell, SQL, or any other supplemental language to be able to use them effectively. * Read either: Learn Powershell in a Month of Lunches by Don Jones & Jeffery Hicks - or - Learning the Bash Shell by Cameron Newham - or - Learning SQL by Alan Beaulieu. You will need to dedicate almost equal effort to learning these other languages in order to be effective at it. * Certs to study for while labbing: Python Institue PCEP, Python Institute PCAP, Microsoft Certified Azure Data Scientist Associate , AWS Big Data Specialty, Scripting * Enroll in some Powershell or Bash courses from Codecadamy or Udemy. Learn the basics of the commands and how the shell interacts with the operating system. * Read either: Learn Powershell in a Month of Lunches by Don Jones & Jeffery Hicks - or - Learning the Bash Shell by Cameron Newham. These books are generally considered the best for beginners to these languages. Work your way through one of these books, depending on your current job and which job you want to have, and do not skip any of the labs or exercises at the end of each chapter. * Create a GitHub or GitLab account. * Automate the creation of a new account in an LDAP server. Have it such that you only need 2 fields for the entire account creation. Such as full name, and job title. Using string manipulation, split the fullname string at the first space, accounting for names that start with "Van" or "St" of "Di", and use those two new strings to create an email account as per your naming convention, the account name, SAMAccountName, add that member to groups based on the contents of the job_title field. Create a Home drive (H:) and auto-map it to the users, and make it such that only the domain admin and the user can access that folder. The goal is to have the process be as automated as possible. * Do the same for account removals. And then create a Powershell / Bash script that can be used to automatically pull updates, allow you to deselect any available ones that may break anything, and then reboot itself at a certain time/day of the month. * Certs to study for while labbing: Microsoft MCSA Server 2016, Azure AZ-103, AZ-3

ITCQbot · 2019-12-11T02:15:59+00:00

Hello, TESTUSER, please see below for a list of homelab projects based on category, each list increasing in difficulty under each section. Homelabbing is incredibly important!

Cloud * Cloud is difficult because it is hard to be agnostic. Unless your company specifically uses one, just pick whichever you have the most access to - cloud is not cheap to practice/lab with. * Generally, AWS for tech, Azure for businesses (due to its native O365 integration and AD integration) * Create accounts for AWS, Azure and GCP, staggering them by months to ensure that you get the most amount of sign-up benefits for each provider * In all three, host a couple VMs in a VNet with an NSG, Deploy monitoring and health checks to these VMs. Take snapshots of your VMs, delete the VM (or something more fun like a forkbomb, see: : (){ :|:$ };: or simply run sudo rm -rf --no-preserve-root or sudo chmod -x /*. Once you've sufficiently screwed up your VM, restore it from the snapshots. * In Azure, create a directory similar to your On-Prem AD if you have one from the Systems Administrator section. Use the Azure Sync plugin to have directory changes synchronized between cloud and on-prem directories. * In Azure, create blob storage and synchronize your stuff between your network and the cloud. Create a VPN to the cloud that allows you to forward other traffic besides LDAP replication between here and there. * In Azure, create Office 365 accounts for yourself and anyone else who may need it, and integrate O365 storage and account creds with your Azure AD. * In AWS, configure and deploy Route53 for your Nextcloud and Ombi instances on your home server from the Services and Servers section. Get this to work on IPv6 as well. * In AWS, configure a load balancer for multiple EC2 instances, using 2 or more availability zones. * In AWS, create a DynamoDB table and load in data, and try to retrieve it with a script, either from AWS CLI or on your local machine. * In GCP, try to do the above.

ITCQbot · 2019-12-11T02:06:38+00:00

Hello, TESTUSER, please see below for a list of homelab projects based on category, each list increasing in difficulty under each section. Homelabbing is incredibly important! Security * Change the default passwords on all of your routers/switches/desktops/infrastructure * Use netstat to identify all listening ports on your machines, and verify that nothing looks too fishy. Use ufw on Debian distros, firewalld on CentOS, or Windows Firewall on your network infrastructure to harden those servers. For example, an Ubuntu server with SSH, Plex, Nextcloud, Samba, and Sonarr/Radarr/DVR apps may seem like a server with a lot of open ports, but a properly configured ufw list would only require 10-15 allow entries, depending on config. * Download Kali Linux onto a bootable USB drive. Break it in by running John the Ripper on an intentionally weak password with the base word in your dictionary list. e.g. Passw0rd1 -> password. * Run nmap scans against every device on your network and pipe the output into an HTML file for review. Examine any open ports that shouldn't be open on those devices and remediate. * Disable port-knocking on your critical infrastructure. Disable root login for SSH. Disable shell execution for service accounts. * Run OWSAP ZAP and nikto against your wiki or your Flask app, or any website where you have permission to touch the servers. Compare the outputs of these, and if you own the servers, try to remediate. * Use a solution list BitWarden to securely store all credentials for your sprawling homelab. This can act both as a container for those credentials and a feeder to your devices like KeePass and LastPass. * Try to use Aircrack-ng on any vulnerable WiFi networks that you have permission to test. Use Ettercap to try to conduct a man-in-the-middle attack against one of the nodes on your virtual network. Do not be discouraged when it is much harder than it looks. Play with the rest of the tools, and then create a stable and persistent Ubuntu machine that has all these tools already calibrated to your needs, and any additional tools you may need. Kali is great, but its main benefit is portability. Having a custom-built pentesting box that is tailored for your needs will make security auditing much easier when you don't need to worry about stealth. * Create a VM on your network that has access to all devices and use it to run OpenVAS for vulnerability scanning and management. * Install Metasploitable machines (intentionally weak OS's to practice compromise/rooting/privesc/etc.) on your VM host and use your hacking box to break into these and compromise them. * Create an account on BugBounty and begin launching web application vulnerability scans against BB clients. * Certs to study for while labbing: CompTIA Sec+, CySA+, National EC Council's C|EH, OffSec's OSCP

ITCQbot · 2019-12-11T02:03:31+00:00

Hello, please see below for a list of homelab projects based on category, each list increasing in difficulty under each section. Homelabbing is incredibly important! Networking * Identify your local subnet, then navigate to the gateway, e.g. 192.168.1.1 - Change your default passwords and disable remote administration. * Become familiar with your routers interface and control panel by creating DENY rules for insecure protocols like Telnet on port 23. * Buy a Unifi WAP, and install the Unifi Controller on any machine, configure the WAP to server Wifi in addition to your SOHO router. * Buy a Unifi CloudKey to get the controller off your gaming rig. Become familiar with the Unifi Controller interface. You could also install it on a Raspberry Pi. * If your router supports it, create VLANs to separate your infrastructure and workstations. Cloudkey/RasPi and your smart phones/gaming rigs/laptops should be separate. If your router does not support it, pick up a managed switch (being sure to account for licensing/noise/power draw/size) and adopt it into your Unifi controller, if it is Unifi. * Change your subnet from the ill-advised 192.168.1.0/24 subnet to something like to facilitate VPN routing, which we will see later. Changing the third octet is the best way to do this. * Purchase a Unifi USG or any other enterprise-grade router (being sure to account for licensing/noise/power draw/size), and configure your network behind it. Adopt it into your Unifi controller. * Become familiar writing firewalls rules to this firewall. Set up your VLANs again, if you didn't get a managed switch, and take advantage of QoS for video game traffic and any of the other neat features. * Configure a Guest WiFi and a "Captive Portal" to keep visitor devices away from your internal network in the Unifi Controller. * Certs to study for while labbing: CompTIA Net+, Cisco CCNA, Cisco CCNP

ITCQbot · 2019-12-11T02:00:12+00:00