Go Back   MacRumors Forums > Apple Systems and Services > OS X > Mac OS X Server, Xserve, and Networking

Reply
 
Thread Tools Search this Thread Display Modes
Old Feb 8, 2010, 04:42 AM   #1
jgbr
macrumors 6502
 
Join Date: Sep 2007
Running OSX Server in a true Sandbox

I want to run OSX Server virtualised but completely independant to the host system and in a true box.

I am using a mac Pro, so can give it a dedicated CPU/RAM and Ethernet, any other recommendations : Ext HD?

I can not/do not want data leakage between the two systems. If i simply want to discard and loose logs of it forever, i just delete the image as such
jgbr is offline   0 Reply With Quote
Old Feb 8, 2010, 05:12 AM   #2
mcprobie
macrumors member
 
Join Date: Nov 2009
Location: Paradise Corrupt
Maybe VMware Fusion is any help to you ?
__________________
"Started thinking about what you said; about me obsessing; started obsessing about obsessing."
mcprobie is offline   0 Reply With Quote
Old Feb 8, 2010, 05:13 AM   #3
jgbr
Thread Starter
macrumors 6502
 
Join Date: Sep 2007
Yes i am using VMWARE but i want to sand box it further then that.

Dedicated Ethernet, obv allows IP, EXT HD is the only other idea? alongside CPU/RAM
jgbr is offline   0 Reply With Quote
Old Feb 8, 2010, 05:43 AM   #4
mcprobie
macrumors member
 
Join Date: Nov 2009
Location: Paradise Corrupt
Quote:
Originally Posted by jgbr View Post
Yes i am using VMWARE but i want to sand box it further then that.

Dedicated Ethernet, obv allows IP, EXT HD is the only other idea? alongside CPU/RAM
But how have you set up VMware ? Are you using NAT or Host IP only networking ... That way it is already seperate from your LAN.

You can put the virtual disk image on an external disk, no problem, but that doesn't "sandbox" it more because it is already a seperate file ...

Sorry if I'm not understanding your question.
__________________
"Started thinking about what you said; about me obsessing; started obsessing about obsessing."
mcprobie is offline   0 Reply With Quote
Old Feb 8, 2010, 05:59 AM   #5
jgbr
Thread Starter
macrumors 6502
 
Join Date: Sep 2007
I just want to ensure that the two machines are seperate in hardware and software.

Essenentally: Anyone looking in or tracing back to OSX server, will see OSX Server, not a Mac Pro/SL
jgbr is offline   0 Reply With Quote
Old Feb 8, 2010, 06:13 AM   #6
mcprobie
macrumors member
 
Join Date: Nov 2009
Location: Paradise Corrupt
Quote:
Originally Posted by jgbr View Post
I just want to ensure that the two machines are seperate in hardware and software.

Essenentally: Anyone looking in or tracing back to OSX server, will see OSX Server, not a Mac Pro/SL
I think basically it will show that it is only the OSX server ... One will not see the Mac Pro ... But, then again, if you have the mac address of the virtual NIC, you could look up the vendor, it will probably show it is a NIC from VMware ... Maybe if you change the mac address to something general this might help.

You could also set up a ipsec tunnel to your server, or a constant vpn tunnel.

But it is all useless if you put the OSX server on the same network as the Mac Pro though (same subnet).... Except for the vpn-tunnel.
__________________
"Started thinking about what you said; about me obsessing; started obsessing about obsessing."
mcprobie is offline   0 Reply With Quote
Old Feb 8, 2010, 06:17 AM   #7
jgbr
Thread Starter
macrumors 6502
 
Join Date: Sep 2007
Its all hidden behind a router anyway; so must traces just get the router address not the IP address.

Do you think giving it an dedicated HD and IP address is wise too?

SHould someone see past the router, it would still look like a seperate machine as the IP address would be different to the main Mac Pro SL address
jgbr is offline   0 Reply With Quote
Old Feb 8, 2010, 06:27 AM   #8
mcprobie
macrumors member
 
Join Date: Nov 2009
Location: Paradise Corrupt
No giving it a seperate HDD would not make any difference ... A different and/or fixed IP address is of course wise ... Definitely a different one then the address of your Mac pro (different subnet all together would be ideal ... But maybe that is not feasible?)

If the virtual machine is in the same subnet as your Mac Pro, potential hackers would scan the network and see both machines as seperate ... But still would see both machines.
__________________
"Started thinking about what you said; about me obsessing; started obsessing about obsessing."
mcprobie is offline   0 Reply With Quote
Old Feb 8, 2010, 06:31 AM   #9
jgbr
Thread Starter
macrumors 6502
 
Join Date: Sep 2007
so how would i put the Server on a dedicated subnet? im using airport extremes
jgbr is offline   0 Reply With Quote
Old Feb 8, 2010, 06:35 AM   #10
DoFoT9
macrumors P6
 
DoFoT9's Avatar
 
Join Date: Jun 2007
Location: Singapore
Send a message via AIM to DoFoT9 Send a message via MSN to DoFoT9 Send a message via Skype™ to DoFoT9
Quote:
Originally Posted by jgbr View Post
so how would i put the Server on a dedicated subnet? im using airport extremes
that could be done thru VMware itself (software), or by using another router to create a new subnet hardware-wise.
__________________
Official MacRumors IRC @ irc.krono.net #macrumors (Or http://kewlirc.net:9090/)
2012 2.5GHz Mac Mini Dual - 16GB RAM
Win8 PC - i5-3570k - 16GB RAM - SSD
DoFoT9 is offline   0 Reply With Quote
Old Feb 8, 2010, 06:36 AM   #11
jgbr
Thread Starter
macrumors 6502
 
Join Date: Sep 2007
a guide on how to do both would be idea

software is easier then going and buying another router
jgbr is offline   0 Reply With Quote
Old Feb 8, 2010, 06:39 AM   #12
mcprobie
macrumors member
 
Join Date: Nov 2009
Location: Paradise Corrupt
Quote:
Originally Posted by jgbr View Post
so how would i put the Server on a dedicated subnet? im using airport extremes
The way I would do it ... (this depends if you are going to use the Mac Pro for anything else of course) ... is change the IP-address of the Mac Pro so it is on its own subnet ... For example 10.10.10.1 ... Then only the virtual machine will be on the "production" network, this way the Mac pro is hidden and/but only accessible locally ...

Another option is have 2 NICs in the Mac Pro and dedicate one for a seperate subnet, but you will then have to have a second router or make the Mac Pro act as a router ... A bit more challenging to set up

{edit} .... Like DoFoT9 mentioned ... I'm second ... There are software based router systems to be found ... Mostly Linux based, they also have a firewall most of the time, but you could leave that open and just route stuff ... Or use NAT.
__________________
"Started thinking about what you said; about me obsessing; started obsessing about obsessing."
mcprobie is offline   0 Reply With Quote
Old Feb 8, 2010, 06:40 AM   #13
DoFoT9
macrumors P6
 
DoFoT9's Avatar
 
Join Date: Jun 2007
Location: Singapore
Send a message via AIM to DoFoT9 Send a message via MSN to DoFoT9 Send a message via Skype™ to DoFoT9
Quote:
Originally Posted by jgbr View Post
a guide on how to do both would be idea

software is easier then going and buying another router
i am not truely familar with vmware, sorry but maybe somebody else can help. i use parallels to emulate my OSs (more stable im my experience), but it cannot run OSX server

for software based, its all in the settings of the VM - ive confused myself now though, if you choose "shared networking" it creates a new subnet for the VM but its an extension of your actual computer. traceroutes would show the computer in the middle in this case.

ill sleep on it!
__________________
Official MacRumors IRC @ irc.krono.net #macrumors (Or http://kewlirc.net:9090/)
2012 2.5GHz Mac Mini Dual - 16GB RAM
Win8 PC - i5-3570k - 16GB RAM - SSD
DoFoT9 is offline   0 Reply With Quote
Old Feb 8, 2010, 06:40 AM   #14
jgbr
Thread Starter
macrumors 6502
 
Join Date: Sep 2007
guide to doing that in vmware fusion would be great
jgbr is offline   0 Reply With Quote
Old Feb 8, 2010, 06:43 AM   #15
jgbr
Thread Starter
macrumors 6502
 
Join Date: Sep 2007
sounds like the best course of action is to just use the other NIC in the Mac Pro and Wing it. I am not too fussed it seeing the other machines on the network, just for it to think its a seperate machine.
jgbr is offline   0 Reply With Quote
Old Feb 8, 2010, 06:45 AM   #16
mcprobie
macrumors member
 
Join Date: Nov 2009
Location: Paradise Corrupt
Quote:
Originally Posted by jgbr View Post
guide to doing that in vmware fusion would be great
I will see what I can deliver ... But it might take a while seeing I'm still at work
__________________
"Started thinking about what you said; about me obsessing; started obsessing about obsessing."
mcprobie is offline   0 Reply With Quote
Old Feb 8, 2010, 06:45 AM   #17
DoFoT9
macrumors P6
 
DoFoT9's Avatar
 
Join Date: Jun 2007
Location: Singapore
Send a message via AIM to DoFoT9 Send a message via MSN to DoFoT9 Send a message via Skype™ to DoFoT9
Quote:
Originally Posted by jgbr View Post
sounds like the best course of action is to just use the other NIC in the Mac Pro and Wing it. I am not too fussed it seeing the other machines on the network, just for it to think its a seperate machine.
using "bridged" mode using the other NIC would indeed make it appear as a separate machine. very easy to test for as im sure you know.

ill fire up vmware tomorrow and see what i can do bed calls now.
__________________
Official MacRumors IRC @ irc.krono.net #macrumors (Or http://kewlirc.net:9090/)
2012 2.5GHz Mac Mini Dual - 16GB RAM
Win8 PC - i5-3570k - 16GB RAM - SSD
DoFoT9 is offline   0 Reply With Quote
Old Feb 8, 2010, 06:48 AM   #18
jgbr
Thread Starter
macrumors 6502
 
Join Date: Sep 2007
Thankyou.

The main objective is to make it look like a seperate machine, although most traffic traced would just come up as our public address not the internal one.

I might give it a dedicated ip address far out from the other machines...to fool a looker even more.
jgbr is offline   0 Reply With Quote
Old Feb 8, 2010, 06:51 AM   #19
jgbr
Thread Starter
macrumors 6502
 
Join Date: Sep 2007
its the tip of the iceburg as im assigning a dedicated mouse and keyboard via usb controller in vmware for it.lol
jgbr is offline   0 Reply With Quote
Old Feb 8, 2010, 06:52 AM   #20
DoFoT9
macrumors P6
 
DoFoT9's Avatar
 
Join Date: Jun 2007
Location: Singapore
Send a message via AIM to DoFoT9 Send a message via MSN to DoFoT9 Send a message via Skype™ to DoFoT9
Quote:
Originally Posted by jgbr View Post
its the tip of the iceburg as im assigning a dedicated mouse and keyboard via usb controller in vmware for it.lol
you really do want it in true sandbox mode!!

i just realised that parallels can run server versions of OSX - would you consider running parallels? i find it to be a much nicer and more stable experience.

ok seriously, bed time! lol
__________________
Official MacRumors IRC @ irc.krono.net #macrumors (Or http://kewlirc.net:9090/)
2012 2.5GHz Mac Mini Dual - 16GB RAM
Win8 PC - i5-3570k - 16GB RAM - SSD
DoFoT9 is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Systems and Services > OS X > Mac OS X Server, Xserve, and Networking

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
What Mac Mini model running OSX server would suit home network? appleforumchris Mac mini 20 Apr 17, 2014 08:57 AM
Not running a server, but it always seems like I am. Motorik Mac OS X Server, Xserve, and Networking 2 Jan 16, 2014 03:02 PM
is it true than on OSX LION 10.7.5 installing MESSAGES BETA removed ichat? jinxers22 Mac Applications and Mac App Store 4 Jun 4, 2013 05:11 PM
Actualizing my mini server to OSX server ecapdeville Mac OS X Server, Xserve, and Networking 3 Jul 25, 2012 10:54 PM
Mac Mini Server running standard OSX? Ifti Mac mini 16 Jul 11, 2012 07:23 PM

Forum Jump

All times are GMT -5. The time now is 01:57 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps