Copy Cert and Key Cloudflare – Origin Server – Create Certificate Copy certificate key(site.pem) and private key (site.key) to origin server (web server) /etc/cloudflare/site.ca.pem /etc/cloudflare/site.ca.key
Configure Apache $sudo a2enmod ssl $sudo vi /etc/apache2/sites-available/site.ca.conf
There are bunch of different instructions how to install LAMP+Wordpress on Ubuntu distro, I simplified the installation process based on Ubuntu 19.10 LTS, and it won’t take more than 5 minutes to complete entire procedures.
$sudo mysql mysql>ALTER USER ‘root’@’localhost’ IDENTIFIED WITH mysql_native_password BY ‘root_password’; mysql>CREATRE DATABASE dbname mysql>CREATE USER ‘username’@’localhost’ IDENTIFIED BY ‘user_password’; mysql>GRANT ALL ON dbname.* TO ‘username’@’localhost’; mysql>FLUSH PRIVILEGES; mysql>exit;
I have just completed re-building my home lab and it took for few weeks to make certain worked. Hypervisors and pfsense are core parts of systems, but I also want to try that legacy or retired gadgets like Cisco ASA or HP DL3 series. Using cloud services such as AWS, Azure or DigitalOcean could make our life more easier, but on-premise systems are still important to understand what is going on there.
I feel like installing the Pfsense is at least 5 times easier than Cisco ASA. We can make connection worked even few mouse clicks; however, we can not understand how packet flows and how to make different machines are connected between each other under hood. There’re lots of trial errors as always. From wipe-out firmware images on that bare-metal firewall to complete ACL, those process gave me lots of fun anyway.
Each networks are divided into different VLANs and totally isolated each other to prevent security holes. Maybe I could do malware analysis on this environment. Metasploitable 2 and DVWA/WebGoat will be used for penetration practice, then any packets between attack/target machines are monitored.
Regarding the hyper visors, I would like to say, they have both pros and cons. Windows Hyper-V provides ease-of-use experience with nice looking graphic interface. More than that, we can use Hyper-V bare-metal machine as a monitoring server as well. But it requires lots of computing resources. ESXi is a very solid hyper visor and it needs few resource. Although I reinstalled because of its’ speed, it was working okay on 32GB SD Card. I am still not so sure which one is better, so I am using two hyper visors simultaneously.
My total budget for this lab was under 400$ CAD thanks for the retired but still healthy generals.
Few months ago, I have installed GTX 1060 ti 6GB on desktop PC for using hashcat, but I found out that I rarely used hashcat to crack hash keys. Thus I decided to use AWS for cracking hashes. Kali (2019.03) distro is already in AWS market store. I selected US-West (Oregon) region with GPU enabled instance. I am using p2.xlarge and p3.2xlarge instances on Kali ; those are generally turned off and fair enough for my purposes.
It costs 0.9 CAD/h to 31,218 CAD/h with the Pay-As-You-Go rates depending on performance. The entry option is p2.xlarge(1* Tesla V100, 4 * vCPUs, 61GB RAM), and the highend option is p3dn.24xlarge(8 * Tesla V100, 256GB GPU Mem, 96 * vCPU with 768GB Mem)
Before I found out what Fritzing is, drawing connection map is time consuming work. This tool is intuitive and ease-to-use. We can import libraries for BeagleBone Black here.
We can manipulate brightness of LED by implementing Pulse Width Modulation(PWM), thanks for the Python, integrating these modules were not too difficult. There are two buttons between circuits, it modifies Duty Cycles to change the LED brightness.