Do-it-yourself certification practice: Make your own real or virtual lab

Many of my students ask me about practicing for their certification exams with more freedom than they have in their college classrooms. This article is the answer I give them — organized in a more coherent manner. (Usually we have an ongoing conversation and I end up answering their questions over and over.)

Your first step is to decide whether you want to use real hardware or virtual hardware. Both have their advantages and disadvantages. Using individual computers to set up your own lab can usually be done with old PCs without too many resources. Castoff machines can generally be found around the area where you live if you know where to look. Check with schools, businesses and friends to find places where people are getting rid of old computers. The disadvantage of using real hardware is space and electrical power: You're going to need plenty of both. The advantage of a virtual lab is that, provided you have a large enough computer, you can concentrate the whole lab in one system, taking up lot less physical space and electricity. The disadvantage is that any computer you use to set up a virtual lab will need to have an impressive amount of system resources.

If you decide to go the real hardware route, start collecting old computers, again from sources around your area. eBay can also be a good source of used PCs, servers and even routers. Set up a room where your lab will reside — an unused garage or spare room is a good place for this. Also, power strips are going to be your friend in this endeavor. You never have too many plugs, trust me.

If instead you decide to go the virtual route, then try to find a good used server. I scour eBay for used SAS servers, usually with AMD Opteron processors, which tend to be cheaper but offer the same power as processors that are just plain harder to find. There are many servers available that use older DDR2 memory, which can also be found used on eBay. The reason I recommend looking for used SAS servers is that you can also use SATA drives in an SAS server, and you can usually find a few of these laying around. One note on SAS servers is to check the size of the hard drives they accept: Many servers today use 2.5 inch laptop drives, so make sure you know what you're getting before you buy.

As far as virtualization software, there are a few choices. The best option is VMware of course. You can get a VMware workstation to run your virtual network, but you might also look for VMware servers — this provides an older, but free version of VMware. If you are a student, check with your school to see if they are part of the VMware Academic Initiative, which gives students free or discounted access to VMware software. Another solid choice is Microsoft's Hyper-V, which is free with Windows Server 2008, 2008 R2, and 2012. (It is a free download with 2008 and 2008 R2.) Again, if you are a student, check with your school to see whether they have access to Microsoft Dreamspark Premium, or you can access Dreamspark for copies of free software from Microsoft (everything except Office, surprisingly).

I know some of you are saying, "I am a poor student, how can I do virtualization cheap — as in free?" Well, there are a few free choices out there that are very good. The first is Virtualbox. This one is owned by Oracle, but offered free, and comes with a significant amount of community support and instruction. Vitualbox does require a host operating system, but it is available for Windows, Mac and Linux, so it should run on anything.

Another solution is ProxMox, which runs as its own server — no need for a host operating system. I have used this before and it is a very good solution, a sort of light version of Vmware or Hyper-v. There's not as much functionality, but in this situation it should do the job very well.

For virtualization purposes, how do you get a virtual router for free? Try Vyatta, which is a Linux distribution that is optimized as a router. Vyatta provides a community version for free and has very good documentation; I printed it out and made a manual for myself. Vyatta looks and works similarly to Cisco: some of the commands are different, but the functionality is the same.

Good luck to everyone who wants to create a home lab and start experimenting with different scenarios. There are a lot of helpful videos on YouTube about this topic, and many people have posted web tutorials and information about setting up your own lab.

Would you like more insight into the history of hacking? Check out Calvin's other articles about historical hackery:
About the Author