Share this page!

John Breth (JB) | CyberInsight® on YouTube Profile picture
Twitter logo
4 Sep, 9 tweets, 8 min read
Had a few folks ask about how to get hands on experience when starting to get into tech/cyber. So this thread some of my recommendations of FREE labs/software for networking, Linux, Windows, cybersecurity, and coding that I have used.
I'm going to plug my own stuff first 😂 I have various playlists devoted to lab walkthroughs for networking (Net+/CCNA), Linux, cyber defense, and offensive cyber labs. The majority using free tools for you to follow along🤝
youtube.com/c/cyberinsight
For free networking labs:

Cisco packet tracer:
netacad.com/courses/packet…
Juniper vLabs:
jlabs.juniper.net/vlabs/

Some great lab books (using packet tracer, affiliate links):
amzn.to/3DLDSSg (101 Labs Net+)
amzn.to/3yNWbSN (101 Labs CCNA)
For free Linux distros to practice with:

Ubuntu: ubuntu.com/download/deskt…
Debian: debian.org
Plenty of other free Linux OS's (We'll get to Kali shortly)

101 Linux lab book (affiliate link) amzn.to/3zLgEcu
For Cyber:

@RealTryHackMe has free labs on off/def & even foundational IT topics (inc Linux/Windows admin topics), tryhackme.com

Linux distros preferred for pentesting:
Kali: kali.org
Backbox: linux.backbox.org
Parrot: parrotsec.org
For Cyber (pt 2):

These tools are covered in @RealTryHackMe rooms, but good to use in your own lab after using in THM for free:

Wireshark: wireshark.org
Splunk: splunk.com/fr_fr/goto/Dow…
Nessus: tenable.com/products/nessu…
As far as coding goes there's so many different options of what you want to jump into. @Codecademy is a good place to start:
codecademy.com

I've been enjoying this intro to Python from @moshhamedani :


Also check out @labeveryday 🤝
Here are some folks who have great lab walkthroughs on YouTube to also check out:
@_JohnHammond youtube.com/c/JohnHammond0…

@networkbruh youtube.com/channel/UCjqX6…

@KeepItTechie
youtube.com/c/KeepItTechie

@davidbombal
youtube.com/c/DavidBombal
This list is not all inclusive and just a starting point. There are lots of other great resources but I through this together off the top of my head😂

I'm obviously missing cloud labs, so if anyone has any recommendations for that, drop those below (or any other recommendations)

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with John Breth (JB) | CyberInsight® on YouTube

John Breth (JB) | CyberInsight® on YouTube Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @JBizzle703

John Breth (JB) | CyberInsight® on YouTube Profile picture
7 Feb
Random thoughts on planning a small office relocation. This is off the top of my head. So might change some steps IRL. Step one is going to be updated asset list/documentation/cable connections. What devices/software/data currently exists and what will need to be moved /1
Figure out what IT closets/cabling options are in the new spot and plan accordingly and create transition documentation(cable plan, rack layouts, updated diagrams if needed . Pre-run/label as much as you can. Make sure you test these connections(cable drops to comms closets). /2
Backup all device configs/critical data as needed. If you can phase deployments, that is cool, but you might have to do a hard cut over. Figure out what you are doing for circuits (new or migrating). /3
Read 9 tweets
John Breth (JB) | CyberInsight® on YouTube Profile picture
21 Aug 20
I've been seeing some tweets about #BlueTeam and documentation and diagrams. Diagrams are an important part of the engineering process! So, I figured I'd do a little diagram breakdown for folks wondering what are some useful types of diagrams.
High level diagrams provide a non-technical overhead perspective of the environment. If you are at all familiar with DoDAF, this would be like your OV-1 diagram. These should tell a high level story and be easily explainable to someone who is new/and or non-technical.
Network level diagrams show logical connectivity between all nodes/devices in the environment. It should include the IP/hostname of the devices. Other details to include are VLAN information, system/authorization boundaries, as well as any unique information that might make sense
Read 12 tweets
John Breth (JB) | CyberInsight® on YouTube Profile picture
14 Aug 20
For fun 😬 let's chat about network ACL's and a high level approach to securing your network. The purpose is to provide multiple levels of protection (i.e. defense in depth).

4 main ACL's to talk about:
✅Premise ACL's
✅Inter-zone ACL's
✅Intra-zone ACL's
✅Host-based ACL's Image
Let's start on the outside with Premise ACL's. These reside on your most outward facing network devices (probably a router or switch) where your Internet circuits are plugged into. These ACL’s would knock down a large amount of unwanted SPAM packets that flood the Internet.
I would implement both inbound and outbound rules. Only allow out traffic from your specific publicly routable IP space, block private IP space, implement Bogans lists, and also only allow known expected protocols that should be coming into your environment from the Internet.
Read 13 tweets
John Breth (JB) | CyberInsight® on YouTube Profile picture
8 Jan 20
Have you implemented active defense strategies in your environment? Do you know what active defense is vs. normal security monitoring? Let's talk about some technologies/generic strategies.

Shout out to @strandjs @BHinfoSecurity @ActiveCmeasures @corelight_inc
#30DaysofThreads
Active defense is a strategy used that doesn’t just wait for an adversary to attack and then solely block or react. Active defense can instead be seen as an engaged defense that is actively lying in wait. Think of tripwires implemented to attract and alert on malicious actions.
I'm going to discuss two flavors of AD: annoyance and attribution. In the above diagram I have laid out a very generic architecture and labeled a variety of different infrastructure components and the tools/strategies that could be implemented on them.
Read 22 tweets
John Breth (JB) | CyberInsight® on YouTube Profile picture
5 Jan 20
I've seen tweets recently from @gabsmashh and @TC_Johnson about wanting to nail down subnetting. I threw this little diagram together. For me, leaning to subnet took a combination of memorization and finally finding the right explanation that made it click.

#30DaysofThreads
The thing that really clicked for me was understanding that each type of subnet (/24 for instance) is made up of multiple smaller subnets. And the address assignments or boundaries of these smaller subnets cannot change. You can't make a /26 network that bridges two /25's.
So, learning where these boundaries are is critical to learning how to do this all in your head. Also, remember that the first IP address in a network is always the network address and the last is the broadcast address. These are not usable IP's.
Read 11 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @JBizzle703 has new unrolls!

Check out other threads from @JBizzle703!

Read all threads by @JBizzle703

:(