medusa/the_information_nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update docs/tech_docs/cyber_lab.md

Browse Source
This commit is contained in:
medusa
2024-04-10 06:28:14 +00:00
parent 83afd8a2fd
commit ac6775cba7
1 changed files with 32 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
docs/tech_docs/cyber_lab.md
View File

@@ -1,6 +1,6 @@
To refine our discussion into a final draft for setting up an Active Directory (AD) domain `homelab.local` for your home, including a detailed cybersecurity lab and efficient management of your home network, NAS, laptops, and other IT equipment, we'll structure the guide with precise steps and configurations. Certainly! Here's the updated reference guide for setting up your `homelab.local` Active Directory domain:
# Final Guide: Setting Up `homelab.local` AD Domain # Reference Guide: Setting Up `homelab.local` AD Domain
## Introduction ## Introduction
@@ -11,7 +11,7 @@ This guide outlines the process for creating an Active Directory (AD) domain, `h
### Step 1: Domain and Controller Setup ### Step 1: Domain and Controller Setup
1. **Primary Domain Controller (PDC):** Choose a dedicated or virtual server with sufficient resources to run Windows Server. This server will manage the `homelab.local` domain. 1. **Primary Domain Controller (PDC):** Choose a dedicated or virtual server with sufficient resources to run Windows Server. This server will manage the `homelab.local` domain.
2. **Secondary Domain Controller (SDC):** Optional but recommended for redundancy. Can be less resource-intensive and also runs Windows Server. 2. **Secondary Domain Controller (SDC):** Optional but recommended for redundancy. Can be less resource-intensive and also runs Windows Server.
### Step 2: Organizational Units (OUs) and Structure ### Step 2: Organizational Units (OUs) and Structure
@@ -34,6 +34,7 @@ This guide outlines the process for creating an Active Directory (AD) domain, `h
2. **Create User Accounts:** 2. **Create User Accounts:**
- Setup `Admin Account(s)` for AD and resource management. - Setup `Admin Account(s)` for AD and resource management.
- Create individual `Family User Accounts` and `Guest Accounts` as needed. - Create individual `Family User Accounts` and `Guest Accounts` as needed.
- Use a clear naming convention for user accounts, e.g., `john.doe_001`.
### Step 4: Network Configuration and Security ### Step 4: Network Configuration and Security
@@ -42,50 +43,50 @@ This guide outlines the process for creating an Active Directory (AD) domain, `h
2. **Implement Firewall Rules:** 2. **Implement Firewall Rules:**
- Control traffic between network segments, especially protecting `CyberLab` resources. - Control traffic between network segments, especially protecting `CyberLab` resources.
- Create specific firewall rules for each sub-OU within the `CyberLab`.
### Step 5: NAS Configuration and Access ### Step 5: NAS Configuration and Access
1. **Set Up Storage Areas:** 1. **Set Up Storage Areas:**
- Allocate `Media`, `Personal Storage`, and `Lab Data` areas within the NAS, setting appropriate access permissions for each user or group. - Allocate `Media`, `Personal Storage`, and `Lab Data` areas within the NAS, setting appropriate access permissions for each user or group.
2. **NAS Backup Strategy:**
- Implement a separate backup strategy for the NAS, including regular incremental backups to an external drive or cloud storage service.
### Step 6: Group Policy Objects (GPOs) ### Step 6: Group Policy Objects (GPOs)
1. **Define Key Policies:** 1. **Define Key Policies:**
- Enforce a strong `Password Policy`. - Enforce a strong `Password Policy`, with a stricter policy for the `LabAdmins` group.
- Set an `Update Policy` for automatic Windows updates. - Set an `Update Policy` for automatic Windows updates.
- Apply `Software Restrictions` to limit installations on personal and home devices. - Apply `Software Restrictions` to limit installations on personal and home devices, using a whitelist of approved software.
## Enhanced Mermaid Diagram 2. **GPO for NAS Access:**
- Create a dedicated GPO for NAS access, defining user and group permissions for specific shares.
To accompany the final guide, the following Mermaid diagram provides a visual representation of the `homelab.local` setup: ## Mermaid Diagram
```mermaid ```mermaid
graph TD; graph TD;
A[PDC: homelab.local] -->|Manages| B[CyberLab] A[PDC: homelab.local] -->|Manages| B[CyberLab]
A -->|Manages| C[HomeDevices] A -->|Manages| C[HomeDevices]
A -->|Manages| D[NAS] A -->|Manages| D[NAS]
A -->|Manages| E[Users] A -->|Manages| E[Users]
B --> F[Testing Environments]
B --> F[Testing Environments] B --> G[Research]
B --> G[Research] B --> H[Tools]
B --> H[Tools] C --> I[Personal Laptops]
C --> J[Smart Home Devices]
C --> I[Personal Laptops] D --> K[Media]
C --> J[Smart Home Devices] D --> L[Personal Storage]
D --> M[Lab Data]
D --> K[Media] E --> N[Admins]
D --> L[Personal Storage] E --> O[Family]
D --> M[Lab Data] E --> P[Guests]
N --> Q[Admin Account]
E --> N[Admins] O --> R[Family User Accounts]
E --> O[Family] P --> S[Guest Accounts]
E --> P[Guests]
N --> Q[Admin Account]
O --> R[Family User Accounts]
P --> S[Guest Accounts]
``` ```
## Conclusion ## Conclusion
This guide and diagram serve as a comprehensive blueprint for setting up a secure and efficient Active Directory domain for your home network and cybersecurity lab. By following these steps, you can create a well-organized, manageable environment that supports both your professional and personal digital activities. This updated reference guide provides a comprehensive blueprint for setting up a secure and efficient Active Directory domain for your home network and cybersecurity lab. By following these steps and considering the additional recommendations, you can create a well-organized, manageable environment that supports both your professional and personal digital activities.