First, welcome to my renamed blog. I couldn't think of a good name for the blog years ago when I first started so I just settled for the most boring name I could think of, "Digital Forensics Blog". Granted, that was the main focus but it was just boring. A while back, I tweeted that I was looking for a better name. Phill Moore suggested Pryor Knowledge which I liked, but I decided to change it to No Pryor Knowledge. As I said in my last post, the focus will be a little wider here now but I'll still talk about forensics sometimes while other topics will also be featured as well. So, on with the post.
Not sure if this is a good thing or a bad thing, but I have many different interests when it comes to tech. My first love was just learning anything I could about repairing computers. Later I deeply fell for digital forensics and was fortunate to have the opportunity to learn from people like Mark McKinnon, Luby Novitovic, Harlan Carvey, Rob Lee, Jimmie Weg, Ali Hadi and so many others. Forensics held my full attention for a good while and is still a great interest. I still do forensic CTF's from time to time and always enjoy learning from them.
Later, I got really interested in security and blue team ops. I've watched countless security related videos and worked through online training environments like TryHackMe and Rangeforce. These things too are still of great interest to me.
I eventually worked my around full circle to my my enjoyment of just doing builds and repairs with the addition of servers and networking. I recently got a job that allows me to work in those areas every day and I'm loving it.
While I'm not over the servers or network, I am frequently involved in work related to those things. I wanted to learn more about networking, servers, Active Directory and Group Policy. I've watched videos, but I learn a lot more from watching the videos, reading books or blog posts and then doing hands on. This led me to set up a new learning environment at home.
I set up a Proxmox Virtual Environment (PVE) server on an old computer and connected it to my home network. I then set up a Proxmox Backup Server (PBS) on a separate computer. I wanted a separate device maintaining all the backups I knew I'd be making of my virtual machines.
Once that was all in place, it was time to set up my own local domain. I certainly didn't "need" a domain for my home network but it's nice having it as a learning environment that I can restore from backup anytime I mess it up.
I decided to build a domain controller with the Zentyal Linux distribution. Zentyal allows you to set up a controller compatible with Microsoft Windows Active Directory and that allows you to administer your Active Directory environment using Windows tools in Windows instead of having to use Linux. I thought this was my best option because Zentyal is free to use (there are paid subscription plans as well) and I could still administer it with the tools available from Microsoft.
I decided my domain controller would exist as a virtual machine instead of running yet another computer. I downloaded the Zentyal ISO to Proxmox storage and then created the new machine. I gave it 6 gigabytes of RAM and a 250 gigabyte virtual hard disk. That was more than enough disk space, but I'd really like to have a little more RAM available for it. Still, it works pretty well for my home network. It would need a lot more RAM if it were a production network for a business. I'll go over the setup of my domain in greater detail in a future post.
In addition to the domain controller, I also set up another virtual machine on PVE to use as a file server. This VM is an Ubuntu Linux Server and I use it for simple file storage as well as using it for a DNS server for my network with Pi-Hole. I have a second install of Pi-Hole running on a Raspberry Pi and duplicate my settings between the two. I have both of them set up as DNS forwarders in my domain controller and they take care of that mission plus blocking ads too.
I still have very much to learn. I've just barely scratched the surface of working with AD and Group Policy. It's fun learning new stuff and getting a better understanding of what our admins are doing at work. My future plans include adding a pfSense or OPNSense router/firewall to my network to learn more about networking and vlans's.
I'll end this here for now. I have a lot of ideas for future posts and will hopefully be back with another one soon.
No comments:
Post a Comment