Build Your Own Home Cyber Range: Part 2
This article was previously published on Code Fellows with the title "Build Your Own Home Cyber Range: Part 2"
Author David Lee
In part 1 of this three-part blog series, we looked at how to get a home cyber range started in order to host a threat detection ecosystem via VirtualBox. We deployed a Dell Precision T3600 along with VirtualBox, a budget-friendly computer model selected to support additional CPU cores. Next up, we will need to establish remote connectivity to conveniently access the command line, the screen, and the file system in order to treat this computer like a true dedicated server.
In computer operations jargon, we have clients and servers. Servers are dedicated host systems whose sole purpose is to run a specific software or service (like hosting a web site). In this configuration, the personal Windows 10 computer will act as the client and only access the server as needed. The benefit of this configuration is that if we ever need to reformat the personal Win 10 system, we can do so without affecting the home lab. Here's the desired outcome:
Low-level computer commands such as rebooting and shutting down are best issued via command line in Linux, in case other applications and services have crashed. From the Ubuntu Linux desktop, you can access the command line by selecting your apps menu and opening Terminal Emulator.
The Ubuntu box can be rebooted with a sudo reboot now.
Secure Shell (SSH) lets us remotely access the command line of our Ubuntu box. The industry once upon a time used Telnet for this purpose, but SSH via port 22 is more modern and supports password authentication and encrypted session traffic. To establish SSH access, install an OpenSSH server on the Ubuntu box. Ubuntu usually comes prepackaged with an SSH client, but you'll need the OpenSSH server package in order to host SSH protocol and connect from an external system.
OpenSSH server can be installed with the apt-get package manager tool. First, update the package manager itself. The package updater will verbosely describe the actions it is taking, then finish with something like the following:
Once packages are up to date, you're ready to install SSH Server.
Once it's installed, don't forget to create a Linux firewall rule with the command sudo ufw allow 22, assuming you're running the firewall service (which you probably should as best practice/for experience).