Homelab: October 2023 and Planning Beyond

I wont be getting too deep into the history of what my lab consisted of here, but I will cover the services and utilities I use and how they are configured, to an extent. There will be omissions and vagueness for personal privacy reasons. That being said, if you want to look at the history of what I had in the past, that’s told here.

Current Hardware

I have a small amount of hardware sticking around nowadays. At this point, I use the following in my lab:

• Ubquiti UDM Pro - Firewall
• Dell PowerEdge R710 - VMWare ESXi Server
• Cisco Catalyst 2960G 24-Port Switch
• Ubquiti UniFi Nano HD - AP
• 15U Rack
• Ancient, brandless 4:3 monitor
• Other, more normal household things

This isn’t anything particularly thrilling here, especially nowadays. All this hardware is pretty old, except for the UDM Pro. I have upgrade plans that I will elaborate on a little more later.

Services

I am hosting a few services as of now, mostly on the ESXi box. However this is far less than it used to be. Currently a Foundry server, and a Matrix server.

Network Services

At a high level, the UDM provides access to the internet from my ISP which comes into my network which is currently flat, but provides internet to the rest of the house through both Wi-Fi and in-wall Ethernet. On that network I have a few IoT devices, my desktop, roommate’s desktop, and ESXi box.

ESXi Box

The ESXi box hosts a Windows Server 2016 box, which has an AD Domain and DNS on it, a Debian 10 box with a Matrix and Foundry server, plus other nonsense that isn’t really applicable here. This footprint has really reduced a TON over the last 2 years or so. So, here is what I plan to do to expand things again

Future State

In no particular order, this is what I am planning to upgrade to in the network to better support things I want to do in the future. I know I want to do a better job of automating updates, and keeping things running smoothly.

1. Build proper segmentation into the network
   1. Primary LAN - For all my wired goodies
   2. Primary WIFI - For my wireless goodies
   3. IoT Subnet - For the untrustworthy things I don’t really want to own, but housemates decided we need
   4. Roommate Subnet - For the roommate
   5. Hack Lab Subnet - To keep hacking activities where they belong
   6. Guest WiFi - To keep friends off my wifi.
2. Update VMs to new OS versions
3. Upgrade Dell R710 to Dell R730
   1. This is to have access to ESXi V7 and also increased memory capacity
   2. Add NVME Drives
4. Build Hack Lab
   1. No idea yet about what exactly this will entail, mostly a way to safely test payloads.
   2. I know I want to get SCCM installed, and a small forest set up that allows me to test malware and TTPs against a local infrastructure, without having to pay Rastamouse for when I want a quick lab to spin up. I may also install Elastic or Splunk in a monitor mode (If I can get them for free and without having to use any cloud offerings), and get SCCM functional.

I hope that this gives an idea of what I currently run, and what I plan to run into the future. the blog will be sporadically updated as I dive in and out of these experiences, but I wanted to give a snapshot of what I have today.