Home Lab V 1.0
A segmented, monitored, and occasionally misbehaving environment built to explore real-world cybersecurity scenarios.
Everything below lives in its own VLAN, logs its mistakes, and was deployed with the intent to break, learn, and document the process.
General Overview
This lab isn’t just a collection of VMs — it’s where I get hands-on with the core principles of cybersecurity.
I’ve built it to simulate realistic network environments, complete with segmentation, monitoring, and enough complexity to create real problems worth solving.
The plan? Practice detection, defense, and a little controlled chaos — because theory is great, but logs don’t lie.
Network Segmentation Overview
The lab is divided into multiple VLANs to isolate traffic and mirror realistic enterprise environments.
Each VLAN serves a distinct purpose — from internal operations and public-facing services to monitoring infrastructure and offensive testing.
VLAN
Network Address
Purpose
10
10.0.10.0/24
LAN – internal core services
20
10.0.20.0/24
DMZ
30
10.0.30.0/24
Security Network
40
10.0.40.0/24
Offensive Testing
Machines Summary
A breakdown of the machines deployed in my home lab, each assigned to a VLAN based on its function.
From core services to honeypots and red team tools, everything is built to simulate real-world environments while keeping things safely isolated.
Machine
Machine name
IP address
VLAN
Notes
pfSense Firewall
pfSense01
10.0.10.1
Trunk
VLAN and fw
Windows Server (DC1, AD)
DC1
10.0.10.10
VLAN10
Internal core services
File Server
FS1
10.0.10.20
VLAN10
File sharing
Windows Client
WinClient01
10.0.10.100
VLAN10
Linux Client
LinuxClient01
10.0.10.110
VLAN10
DMZ Web Server
DMZWeb01
10.0.20.100
VLAN20
Public-facing web app
Vulnerable test machine
Vuln01
10.0.20.150
VLAN20
Security testing
Honeypot
Honey01
10.0.20.200
VLAN20
Captures attacks
SIEM Server
SIEM01
10.0.30.100
VLAN30
Log aggregation
IDS/IPS (Security Onion)
SecOnion01
10.0.30.150
VLAN30
Intrusion monitoring
Pentest Machine (Kali)
Kali01
10.0.40.100
VLAN40
Offensive tools
Machines Deployment
Deploying the machines wasn’t just “click and go.”
This section documents how each system was installed, configured, and occasionally rebuilt after something inevitably broke.
From domain controllers to honeypots, it’s all hands-on — and yes, snapshots were involved.
Projects & Use Cases
Here’s where theory meets logs, alerts, and the occasional “what did I just do?”
These projects explore real-world scenarios using the lab setup — from detection rules and misconfigurations to simulated attacks and containment strategies.
Built, tested, documented. Mostly in that order.