- Posted on
Tue Jan 24, 2017 12:57 am
-
MartyS
offline
-
- Posts: 86
- Joined: May 06, 2008
- Location: Charlotte, North Carolina
Joe is right about limiting what you do on the server, and having a firewall setup for inbound access and Little Snitch for outbound. "Training" Little Snitch and looking for inbound firewall connections that need to be opened up to local network systems can take some time, but is really worth it (even for a system running Sierra) when security is a concern. Have the fewest inbound ports accessible as possible to minimize your exposure to outside probing. Check out Murus for a super easy GUI way to get your firewall going. It has a Murus Lite version that's free.
For an older OS I suggest getting MacPorts installed. With it, install openssl. You can branch out from there to install newer versions of SSH, Perl, Python, etc. as you desire. Apple tends to be "behind" in patching many command-line components that may or may not expose your unsupported system to abuse. You can go overboard with installing things with MacPorts so concentrate on key things.
My headless 2GB, 2.16GHz Core Duo 10.6.8 server handles Indigo (including Homebridge), TimeMachine and CrashPlan backups for all local systems, NTP time service, MRTG and a bunch of lesser-important stuff. Your Mac Pro would run circles around my machine… and never break a sweat. I envy your hand-me-down machine!
/Marty