If you’re a homeowner like me, hopefully you have a few basic around-the-house skills – changing a light bulb, fixing a loose door handle, unclogging a shower drain, making sure the deadbolts lock properly. I run into a new issue every week it seems. If you’re fortunate, there’s at least one person in your household who can handle fixes like these without having to call a plumber or a dedicated handyman every time something pops up.
In the cyber security world, the same do-it-yourself (DIY) handyman approach can be beneficial, especially for mitigating less complex issues. Basic skills like these are no longer something only elite security professionals should handle (although you’ll certainly need to enlist the aid of professional and managed security services when an issue escalates beyond the means of your technical capabilities). Your organization needs to invest in core DIY cyber security skills to perform some troubleshooting when you’re stuck or simply lack the time or resources.
In this blog series, “5 DIY Cyber Security Skills Every IT Professional Needs to Master,” I’ll cover a list of essential skills and technology you can start learning right away, including:
Skill #1 – Virtual machines
Skill #2 – Nmap
Skill #3 – Language Basics
Skill #4 – Command Line Fu
Skill #5 – Vulnerability Scanning
This week, we’ll start with the first skill on our list, virtual machines (VMs). This isn’t new and complex technology. Thanks to virtualization, we’re no longer confined to bare metal, physical hardware installations and repeating configurations (cough, cough) to get things to work. VMs also offer lower hardware costs, reduced server-provisioning time, and shorter application deployments.
While VMs aren’t too complicated to manage, lack of time, training, and technical resources can stand in the way of utilizing this technology to simplify your day-to-day security tasks.
Here are three reminders for how you can use virtual machines to your benefit:
- Test, Test, and Test Some More. Heard about a new tool you want to roll out? Virtualize it. Looking to test new configurations? Virtualize it. Want to pen test your systems? Virtualize it. This is your safe zone to practice and learn about different technical capabilities even in potentially massive environments.
- It’s Okay to Break Your Systems. When you’re trying to solve a cyber security problem, you absolutely will break your systems at some point. In a virtual environment, you can feel free to break, misconfigure, and re-deploy… quickly!
- Replicate Your Network and Systems. Please don’t test a destructive scan against a production system. Virtualize your existing system or systems and work in sandbox environments. It’s cheaper to replicate an entire infrastructure in most cases rather than starting from scratch.
There are plenty of virtualization options. VirtualBox or VMwWare are great for working locally, and services like Microsoft Cloud or Amazon Web Services are great for “outside the network” work. Make sure you can use the snapshotting functionality. That’s a life-saver when it comes to testing different settings, configurations, and changes. You also need to know the network interface cards (NICs) are attached to the network – network address translation (NAT), bridged, shared. These network configurations can have a big impact on how you’re trying to set up your virtual environment.
Overall, virtualization provides a lot of functionality, but it’s best to stick to the basics in the beginning. Once you’re comfortable with virtualization, you’ll be ready to tackle on so many other things.
That concludes our first blog in the series. Stay tuned for the next blog when we’ll get you up and running with nmap – the de facto network scanner of security professionals worldwide. In the meantime, you can also sign up for our Cyber Hygiene course to brush up on basic cyber security practices your organization needs.