So, I have spare hardware just lying around, not doing anything, collecting dust. And I thought it was about time I did something fun with it. So here's what I decided to do.
I will run a XenServer as my gateway.
XenServer specs: HP ML350 - Dual Xeon E5450 (quad core, 3 GHz, 12 MB L2, "Harpertown" arch), 12 GB DDR3 RDIMM, LGA 775, dual 80 GB Seagate ES SAS drives, RAID 1. **edit - DDR2 667
Now, this might sound strange, but I think this could be a cool experiment, and I will update this forum topic as things progress.
Here's the plan:
Dom0 - CentOS, and it obviously will be the XenServer itself, 3 NICs - "wan", "lan" (also management, for connecting via SSH and XenCenter. Yes, xen-tools and other Xen utils will be used), and one internal, "dmz"
Dom1 - pfSense, 3 network interfaces, 2 physical (wan and lan), 1 virtual (DMZ), 1 small HDD for transparent proxies via Squid, some Snort, things like that.
Dom2 - Windows 7 Pro, 1 network interface, the internal DMZ
Dom3 - Windows 8.1 Pro, again, internal DMZ
Dom4 - Windows 10, internal DMZ
Dom5 - (some random Linux distro), internal DMZ
Dom6 - (some random Linux distro), internal DMZ
Dom7 - Hackintosh maybe? (if I can get it freaking working, haven't been successful putting it on Xen yet)
All hard drives will be on a 1 TB iSCSI volume, handed out by my FreeNAS, which will be on the "management" internal LAN.
The idea is to see how long it takes, with no user interaction, for these DMZ machines to become infected, maybe added to some sort of botnet. Will something happen? I have no idea. But they will be entirely visible to the internet, so we'll see what happens (maniacal laughter)