Vanquish23's VMware Security Lab Server Project
vanquish23
Member Posts: 224
in Off-Topic
Hello TE people:
Thought I would start my project thread so that people can follow along in the coming months of how the project comes together. I have always had a passion for network and security to reach CCNP:r/S and CCNP: Security and then drift to CEH/GIAC/SSCP/CISSP certifications. What better and fun way to learn all of this? Build a server and tinker with it hand on. Reading a book only is dry and no fun. I will be making notes (replies) to document from start to end with pictures as well.
Notes:
-Not a economy virtual lab, and not in a hurry to put it together.
-Chassis (5U rack server with 6 hot swap bays) and power supply in hand.
-Dual CPU's
-Max amount of memory that VMware Open Source will support
-Able to grow and expand for the next 2 to 3 years
Objective: Simulate and host a variety of operating systems on a virtual platform for the purpose of an in depth analysis of security management, vulnerability management, and offensive/defense attack and defense analysis with some experimental research.
-Begin software installation and basic configuration for security objectives
Software Tools:
-Tenable Nessus Scanner, Snort IDS, Back Track, Wireshark
-Cisco TACACS+
Operating Systems:
-Basic installs and services unpatched and patches Windows Server 2000, 2008, 2012, XP, Vista, 7
-A mixture of Linux distro, to include BackTrack and Red Hat
Thought I would start my project thread so that people can follow along in the coming months of how the project comes together. I have always had a passion for network and security to reach CCNP:r/S and CCNP: Security and then drift to CEH/GIAC/SSCP/CISSP certifications. What better and fun way to learn all of this? Build a server and tinker with it hand on. Reading a book only is dry and no fun. I will be making notes (replies) to document from start to end with pictures as well.
Notes:
-Not a economy virtual lab, and not in a hurry to put it together.
-Chassis (5U rack server with 6 hot swap bays) and power supply in hand.
-Dual CPU's
-Max amount of memory that VMware Open Source will support
-Able to grow and expand for the next 2 to 3 years
Objective: Simulate and host a variety of operating systems on a virtual platform for the purpose of an in depth analysis of security management, vulnerability management, and offensive/defense attack and defense analysis with some experimental research.
-Begin software installation and basic configuration for security objectives
Software Tools:
-Tenable Nessus Scanner, Snort IDS, Back Track, Wireshark
-Cisco TACACS+
Operating Systems:
-Basic installs and services unpatched and patches Windows Server 2000, 2008, 2012, XP, Vista, 7
-A mixture of Linux distro, to include BackTrack and Red Hat
He who SYNs is of the devil, for the devil has SYN'ed and ACK'ed from the beginning. For this purpose, that the ACK might destroy the works of the devil.
Comments
-
vanquish23
Member Posts: 224
Hardware build out:
Chassis and Redundant Power Supply's included.
I will have to get a new chassis as a Extended ATX motherboard will not work in my other rack mount cage.
SUPERMICRO SuperChassis CSE-836TQ-R800B Black 3U Rackmount Server Case 800W Redundant - Newegg.com
Details:
Chassis Type
Rackmount
Form Factor
3U
Color
Black
Motherboard Compatibility
13.68" x 13"
Power Supply
800W Redundant
Expansion
Hot-Swap Drive Bays
16 x 3.5" SAS/SATA
Expansion Slots
7x full-height full-length expansion slots
External Slim Drive Bays
Slim DVD-ROM Drive
Front Ports
Front Ports
2 x USB Ports & DB9 COM Port
Cooling System
80mm Fans
3 x 8cm Hot-swappable Fan
2 x 8cm Rear-exhaust Fan
Physical Spec
Dimensions
25.6" x 17.2" x 5.2"
Features
Processor Support: Supports dual, single Intel / AMD processors.
3U Direct Attached Backplane, features:
3Gb/6Gb support
SES-2 Enclosure Management Support
SAS/SATA support
16 SATA connectors
Buttons:
Power On/Off button
System Reset button
LEDs:
Power LED
Hard drive activity LED
2x Network activity LEDs
System Overheat LED
Power fail LED
Chassis intrusion switch.He who SYNs is of the devil, for the devil has SYN'ed and ACK'ed from the beginning. For this purpose, that the ACK might destroy the works of the devil. -
vanquish23
Member Posts: 224
Motherboard:
SUPERMICRO MBD-X8DAH+-F-O Dual LGA 1366 Intel 5520 Enhanced Extended ATX Dual Intel Xeon 5500 and 5600 Series Server Motherboard - Newegg.com
SUPERMICRO MBD-X8DAH+-F-O Dual LGA 1366 Intel 5520 Enhanced Extended ATX Dual Intel Xeon 5500 and 5600 Series Server Motherboard
Details:
Supported CPU
CPU Socket Type
Dual LGA 1366
CPU Type
Supports up to two Intel 64-bit Xeon processor(s) of the same type below:
Intel Xeon Processor 5600 Series (Westmere)
Intel Xeon Processor 5500 Series (Nehalem-EP)
QPI
Up to 6.4 GT/s
Chipsets
North Bridge
Intel 5520
South Bridge
Intel ICH10R
Other Chipset
2x IOH-36D
Memory
Number of DDR3 Slots
18 x 240pin
DDR3 Standard
DDR3 1333
Maximum Memory Supported
Supports up to 288GB* 1333 / 1066 / 800MHz DDR3 ECC Registered memory
Supports up to 48GB 1333 / 1066 / 800MHz DDR3 ECC / Non ECC Unbuffered memory
*16GB LRDIMM is required.
ECC Supported
Yes
Registered
Yes
Expansion Slots
PCI Express 2.0 x16
2
PCI Express x8
4 (x
PCI-E 2.0 slots (1 in x16 slot)
PCI Express x4
1
Storage Devices
SATA
6 x SATA 3.0Gb/s
SATA RAID
RAID 0, 1, 5, 10 support (Windows)
RAID 0, 1, 10 support (Linux)
Onboard Video
Onboard Video Chipset
Matrox G200eW
Onboard Audio
Audio Chipset
Realtek ALC888 7.1 HD audio
Audio Channels
8 Channels
Onboard LAN
LAN Chipset
Intel 82576
LAN Speed
10/100/1000Mbps
Max LAN Speed
10/100/1000Mbps
Rear Panel Ports
PS/2
2
COM
1
Video Ports
D-Sub
USB 1.1/2.0
6 x USB 2.0
IEEE 1394
2 x IEEE 1394a
Physical Spec
Form Factor
Enhanced Extended ATX
Dimensions
13.68" x 13" (34.7cm x 33cm)
Features
Integrated IPMI 2.0 with Dedicated LANHe who SYNs is of the devil, for the devil has SYN'ed and ACK'ed from the beginning. For this purpose, that the ACK might destroy the works of the devil. -
vanquish23
Member Posts: 224
CPU Processor:
Intel Xeon E5620 Westmere 2.4GHz 12MB L3 Cache LGA 1366 80W Quad-Core Server Processor BX80614E5620
Intel Xeon E5620 Westmere 2.4GHz 12MB L3 Cache LGA 1366 80W Quad-Core Server Processor BX80614E5620 - Newegg.com
Details:
CPU Socket Type
CPU Socket Type
LGA 1366
Tech Spec
Core
Westmere
Multi-Core
Quad-Core
Name
Xeon E5620
Operating Frequency
2.4GHz
QPI
5.86 GT/s
L3 Cache
12MB
Manufacturing Tech
32 nm
64 bit Support
Yes
Virtualization Technology Support
Yes
Thermal Design Power
80WHe who SYNs is of the devil, for the devil has SYN'ed and ACK'ed from the beginning. For this purpose, that the ACK might destroy the works of the devil. -
Asif Dasl
Member Posts: 2,116 ■■■■■■■■□□
What are you using this server for? VMware or GNS3? It seems like overkill, you could get 2 cheap Shuttle barebones for the price you are spending on a single case? Why do you need redundant power supplys? -
vanquish23
Member Posts: 224
Notes:
-Not a economy virtual lab, and not in a hurry to put it together.
Because its going to be expanded into the future when CPU prices drop and because I have always wanted a beast.He who SYNs is of the devil, for the devil has SYN'ed and ACK'ed from the beginning. For this purpose, that the ACK might destroy the works of the devil. -
vanquish23
Member Posts: 224
Memory: Initial 2 sticks for boot, expand over time
Kingston ValueRAM 16GB 240-Pin DDR3 SDRAM ECC Registered DDR3 1600 Server Memory (Intel Validated ) Model KVR16R11D4/16I
Kingston ValueRAM Server Memory w/TS Intel Model KVR16R11D4/16I - Newegg.com
Details:
Brand
Kingston
Series
ValueRAM
Model
KVR16R11D4/16I
Type
240-Pin DDR3 SDRAM
Tech Spec
Capacity
16GB
Speed
DDR3 1600
Cas Latency
11
Voltage
1.5V
ECC
Yes
Buffered/Registered
Registered
Features
With Thermal SensorHe who SYNs is of the devil, for the devil has SYN'ed and ACK'ed from the beginning. For this purpose, that the ACK might destroy the works of the devil. -
Asif Dasl
Member Posts: 2,116 ■■■■■■■■□□
I get you are building a server but you are building a server with a Xeon E5620 which benchmarks at 4932 (and costs $395) when you could buy a Haswell i7-4770 for a Shuttle barebone for $310 and it benchmarks at 9991 - double the speed and it's cheaper. What do you need ECC RAM for? You can get 2 Quad-port GigE NICs in to a Shuttle barebone and it's perfect for VMware or GNS3.
Edit - I've said my bit!
-
vanquish23
Member Posts: 224
To go along with my 42U network rack on my house. Why buy a bunch of boxes when you can consolidate and build for the next 2 - 4 years. I am a nerd, and single.He who SYNs is of the devil, for the devil has SYN'ed and ACK'ed from the beginning. For this purpose, that the ACK might destroy the works of the devil.
-
Asif Dasl
Member Posts: 2,116 ■■■■■■■■□□
Yes, but if you are going with VMware it's better to have at least 2 hosts so you don't have down time of the VMs. If you build 2 identical systems then you can vmotion easily. A Haswell Shuttle barebone (not released just yet - another few weeks wait) will last as long as the server you are building and cost less. If you are using GNS3 then a single machine with a bunch of HP NC364T Quad port GigE NICs will work fine.
