You know how startups usually "move fast and break things" before figuring out their success formula?

I have a similar process, which helped me consistently out-perform anyone in my previous jobs: infrastructure engineering, security automation, penetration testing, source code review, etc...

My secret? A home lab.

And to encourage you to set one (more) up, I have 2 stories to tell:

Story 1: Automating stupid tasks so I could sleep

There were 3 things I needed to do everyday at 9PM AND 5AM when I was working in a company that shall remain nameless:

1. Connect to a VPN which requires 2FA
2. Start running a script at 9PM. Stop that script at 5AM
3. Send a message in an unpopular IM app whenever I start and stop the scans

This kind of task was one of the reasons the company had a high turnover rate.

But I treated it as a challenge because I was dumb (should've just quit in hindsight).

And here is what I did to enjoy a good night's sleep when no one else before me could:

• Set up an Android emulator (I used a laptop for bare-metal server) and installed the authenticator app. Used Python to click the "Allow" prompt whenever it popped up.
• For starting and stopping the script, nothing fancy here. Just ./start && sleep 8h && ./stop
• Set up a Linux VM and with a desktop version of the IM app running. Used Python to automate the clicks and typing at 9PM and 5AM to send out the messages. Couldn't do it better because it had no API or accessibility features to help automation.

So everyday at 5PM, I checked my servers, ran the scripts, then enjoyed my time off. And it wouldn't be possible if I didn't have a home lab or VPS.

Although I did feel proud overcoming these challenges, I realized I was in a bad working environment as tasks like these were norms. And that's what inspired me to quit and write a post on how to pick a good technical job:

Unemployment is bad. Working in the wrong company is WAY worse.

Ask 6 crucial questions when you are looking for pen-testing/technical jobs.

SechurityWilliam Chu

Story 2: Deadline in a week, but no one knew how the software works

One of the big projects I needed to do in my uni job was to migrate RHCS (Red Hat Certificate System) from an unsupported version to a supported one.

Sounds easy, right?

It's not. Because:

• I didn't know how RHCS and RHDS (Red Hat Directory Server) worked
• My senior knew a bit but still couldn't troubleshoot the never-ending issues
• Following the documentation only led to errors that even RH support couldn't solve

Oh, and did I mention it's a government project? What could go wrong...

So a week before the deadline, when all hope was lost, I fired up my home lab.

I installed the upstream projects (AKA "free" versions of RH software) in a VM:

• For RHEL(Red Hat Enterprise Linux): CentOS
• For RHDS: 389 Directory Server
• For RHCS: Dogtag PKI

After days of trial and error...

I finally got the migration commands working in both CentOS and RHEL!

And those commands were not documented anywhere in the RH manual.

Because of this project, I kind of became a legend in the company. The project manager praised me highly as I single-handedly saved the day when all hope was lost.

But it's really not special because I think everyone can figure things out fast if they can spin up a testing environment whenever they need.

And that's how having a home lab can help you do things others wouldn't/can't.

I'm in! How do I get started?

Here are my exact steps (as I'm setting a new one up right now):

1. Find an old PC
2. Put as much RAM as you can into it
3. Install Proxmox
4. Play around with LXC containers and VMs just like in VMWare/VirtualBox
5. Google if you want certain things to be done but can't

It's very easy to get started.

If you want more, check out:

• https://www.reddit.com/r/Proxmox/
• https://www.reddit.com/r/homelab/

However, the advanced stuff (my favorites) can take a bit of time to set up:

• GPU pass-through to LXC container to Docker container to run PyTorch for machine learning
• Connect to VPN inside LXC container
• Accessing RAW hard drive inside the VM

These functionalities are definitely not necessary but can increase performance by a lot. And optimizing stuff always brings me joy (I'm a nerd).

Summary

Homelab'ing is fun and can save you a lot of time if you know how and when to apply the skills. Hope this post can inspire you to get started or add an additional node to your existing lab 😄

Let me know if you have any questions and please share what you have done if you decided to give it a try!