Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

mvmanolov

macrumors 6502a
Original poster
Aug 27, 2013
858
5
I've been curious about this for a while now, as this is just a hobby thing rather than work thing but i love learning and trying new things so here goes:

1) is it possible to setup a mac mini as a IDS/IPF

2) is it advisable to do so or just get a old pc?

3) what software would be best (Icefloor? Little Snitch? etc?)

4) any other useful suggestions?
 

jtara

macrumors 68020
Mar 23, 2009
2,008
536
Ah, so you want to make a network security appliance.

I would think that only one Ethernet port makes a Mac Mini a non-starter. You'd at least have to add an extra Ethernet port with some USB dongle.

I would just get one of the many small boxes and modules made today for this purpose. Most use an ARM processor.

I run OpenWRT on my wireless router. It's a fairly old one, and could use more speed - I have a pretty high-speed Internet connection (60mb/sec) and so I would get better VPN throughput (I get about 10mb/sec).

I used to use a Netscreen device between my network and the cable modem. Now the wireless router just does the job.

At some point, will probably put some dedicated little box running OpenWrt between my network and the cable modem as a security appliance. While it's popular and convenient, I do think it's kinda silly to make your wireless router do double-duty for network security because that shouldn't be tied to your wireless setup. For example, I'd like to update my wireless, but the routers that interest me the most won't run OpenWRT.

I don't think I'd use either a Mac Mini or a power-hungry old PC for this.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.