This was posted 1 year 1 month 8 days ago, and might be an out-dated deal.

Related
  • expired

X2C Mini PC (4x 2.5G LAN, Intel N5105, 2x RAM, NVMe, SATA, DP/HDMI, USB-C) US$129.16 (~A$194.59) Shipped @ Topton PC AliExpress

170
X2C Mini PC (4x 2.5G LAN, Intel N5105, 2x RAM, NVMe, SATA, DP/HDMI, USB-C) US$129.16 (~A$194.59) Shipped @ Topton PC AliExpress
Go to Deal
Cashback
Clear on 20/03/2023 - 20:30 aliexpress.com (886 clicks)
AN9

These Topton Mini PCs have been popular previously and now the improved X2C Mini PC is on sale for a lower price. Compared to the X2B this features a USB-C port for 4K@60Hz display output & data transfer, microSD card slot, CMOS reset button, 4pin fan header with temp control, M.2 2232 to support WiFi 6/6E, TPM 2.0 and cooling vents on the bottom. However it has lost the COM port and SIM slot.

These Mini PCs are a good option for those interested in OPNsense, pfsense, Home Assistant, Win10/11, Linux etc. The Intel Celeron N5105 4 core/4 thread CPU can decode a lot of 4K, HDR and VP9 content thanks to the Intel UHD graphics, making this a good media player as well.

Featuring 4x Intel i226-V 2.5G LAN ports, M.2 NVMe 2280 SSD slot, 2.5" SATA slot, 2x DDR4 SODIMM RAM, HDMI 2.0/DP 1.4/USB-C with 4K@60Hz support, M.2 2232 slot for WiFi, microSD slot, CMOS BIOS reset button, 2x USB 3.0, 2x USB 2.0, VESA mounting and AU plug.

Since this is a Barebones PC you need to provide your own RAM and storage

  • Add "Bundle: Intel Celeron N5105" to the cart
  • Apply coupon AN9 at checkout
  • Further US$19.87 discount applied automatically at checkout

AU$ based on current Mastercard rate, GST inclusive and stacks with cashback.

Original Coupon Deal

Computing Computer Mini PC Topton

Related Stores

AliExpress
AliExpress
Marketplace
Topton
Topton

closed Comments

  • Rebengaaa on 20/03/2023 - 20:42
    +5

    Running Pfsense on a rackmounted Dell R210 ii and have been looking at options for a smaller and cheaper unit that I can use as a spare, in case of hardware failure.

    Not to imply that this isn't a good deal, but does anyone else get nervous about the prospect of using random ass chinese sourced hardware?

    I suppose it comes down to a personal choice and risk assessment, but how can you trust it to protect you from external threats when you can't trust a firmware update or what's in it (assuming you can even get firmware updates for it)?

    • [Deactivated] on 20/03/2023 - 20:54
      +2

      Similar to you with a r710 and yes i does get me nervous too.

      • DisasterArea on 20/03/2023 - 22:21

        but how can you trust it to protect you from external threats when you can't trust a firmware update or what's in it (assuming you can even get firmware updates for it)?

        If you're that worried, then put something between it and the outside world, like a router… the packets do not lie.

        • Rebengaaa on 20/03/2023 - 23:13
          +1

          I’d be using it as a router. Are you suggesting I put a router in front of another router?

          • DisasterArea on 20/03/2023 - 23:29

            @Rebengaaa: Of course not…

            nbn box > Router > firewall device

            Router logs > port through fireeall > X2C logger (splunk is free at this scale, you could even run it on the X2C if you viurtualise everything, although better run on something internal).

            Check your logs, any data that is coming from the X2C , you would see.

            • Rebengaaa on 20/03/2023 - 23:33
              +1

              @DisasterArea: Thanks for the recommendation. Brb after I become a splunk/x2c/VMware/proxmox expert.

              • DisasterArea on 20/03/2023 - 23:35
                +1

                @Rebengaaa: no need to be funny about it, there's really nothing to capturing one log source, any syslog server will do (like on a NAS box) -
                Splunk out of the box requires little to no config to capture a UPD syslog off your router, and dead easy to query, really no need to be an expert -
                You'd get it sorted in an afternoon.

                • ForbiddenCouponJutsu on 29/03/2023 - 08:43

                  @DisasterArea: I'm curious how this works at a consumer level.
                  I've only used Splunk quite lightly at an enterprise level but from my understanding a Splunk agent, index and search head is needed to fully utilise Splunks ability to present legible logs. (we also use Cribl as well)

                  Does Splunk require less configuration/setup for log analysis at this scale?
                  Yes, I could google it but thought it'd be more interesting to start a discussion :p

                  • DisasterArea on 29/03/2023 - 12:59
                    +1

                    @ForbiddenCouponJutsu: "splunk Free" is downloadable at no cost, installs on any windows PC and runs in the background.
                    500mb of logs a day, more than enough for instance to collect your firewall or router logs.

                    All I did was I have a "tinypc" - 256gb hdd/ dual core / laptop hardware (so low power) in my network, that I use to run my 3d printer.

                    I installed on that, configured a receiver on UDP 614. adjusted windows firewall to allow UDP 614 incoming from local subnet , also allow TCP 8000 so I could login to splunk console…

                    Then on router, (asus 5300) , configured logging to go to my machine (192.168.1.nn) which is hard set (well it's reserved on the router) and off I went.

                    The logs pour in, I don't do anything fancy with it at present -i just want to see what the router is doing. I can see all inbound traffic being dropped by the NAT, and when running an openVPN (on the router), I can see all the IP's attempting to connect to it.

                    I can also easily see all outbound traffic from my network, what IP and port they're going to. Things like IoT lightbulbs and robot vacuum cleaners roaming around inside the network are FAR more risky than the gateway device.

                    If I was buying one of these multi-port devices and running pfsense on it, I'd just point its logs to splunk , maybe use a different port (514 etc) but I could easily compare what the firewall says it's doing with what the router tells me it's doing, there would be no way for the "device" to send outbound network traffic I didn't know about without the router logging the packets.

                    Added bonus on pfsense you can probably setup pcap for interesting traffic… I may be able to do this on an asus (merlin firmware) router, but really cannot be bothered…

                    Splunk can take syslog in directly, and yes if you want "legible logs" you might want to play with some regex to cut them up into nice fields… but if you just want the raw log, it'll take it and store it and it's searchable. From my router splunk already reads quite a lot of syslog fields for in/out traffic, it has some trouble with DHCP and internal logging but I can still search it, and break fields down if I can be bothered. Honestly no need to go that far.

                    I did build a dashboard a while back with a pewpew map (global map with connections in and out) that geolocated all the IP Addresses, it was pretty easy, but I lost it all when my temp license expired..

                    Oh… before you USE splunk, go into settings and change from temp license to FREE license, then you never need to worry about that again, you just get fewer functions. (from memory you cannot send notifications etc, run timed searches etc.

    • Clear on 20/03/2023 - 21:00
      +1

      These Mini PCs are well covered over at ServeTheHome and the BIOS is clean. If you really wanted firmware updates it seems Changwang is the manufacturer and they have updates for various models like this that you install manually.

    • p1 ama on 20/03/2023 - 21:01
      +5

      Not to imply that this isn't a good deal, but does anyone else get nervous about the prospect of using random ass chinese sourced hardware?

      Not really - a lot of the "fear" against using "Chinese-made" hardware is just political saber-rattling.

      Almost all web traffic these days goes through SSL, which basically means that the content of what is being sent cannot be intercepted or decrypted by anyone in the network "chain", e.g. your router, ISP, governments…etc.

      What may be collected is certain pieces of metadata about the websites you are visiting which may be able to give some insights into what websites you're frequenting. This is practically of no use to any "Chinese spy agency" that you can think of. Ultimately, this is a moot point because I don't really believe that the motherboard (which is the only so-called "random ass Chinese sourced hardware" in the box can "spy" on anything.

      The CPU is Intel, NICs are Intel, the software (e.g. pfSense) is open source so you can check for yourself what's spying on you.

      I suppose it comes down to a personal choice and risk assessment, but how can you trust it to protect you from external threats when you can't trust a firmware update or what's in it (assuming you can even get firmware updates for it)?

      What threats are you talking about exactly?

      The reality is that the "Chinese government" is a pretty low threat to you - statistically, you are much more likely to die of a car accident, get cancer, be killed by your partner,…etc. and a plethora of other things before being a target of Chinese spying. Are you taking similar precautions with the other higher risk exposures?

      • nismoau on 20/03/2023 - 21:08
        +2

        have had a 'kettop pc' running pfsense for 8 years now and it's been solid.

        it only occasionally laughs when I tell a joke.

      • Gusper on 20/03/2023 - 21:21

        Talk to a cyber expert then answer the question, reality is hardware source is not the main vector. Software and networking is!

      • consoles4fun on 20/03/2023 - 21:21
        +2

        I get what you're saying however these things are basically earmarked as routers.

        Imo this is the perfect device for some weird low level firmware based man in the middle nonsense.

        No self respecting IT pro ever put this in a production environment. Home use maybe but I personally wouldn't. No amount of 'calling home' is acceptable whether it's minimal meta data or not.

        • Rebengaaa on 20/03/2023 - 21:32

          Yep this was exactly my concern, but I'm just not knowledgeable enough on the subject to understand the specific risks :o

        • stephendt on 21/03/2023 - 10:51
          +1

          How would this "call home" exactly? It has no control over the operating system.

      • Rebengaaa on 20/03/2023 - 21:27

        Almost all web traffic these days goes through SSL…

        Yeah, it wasn't so much this that I was concerned about - more around possible exploits centering around backdoors cooked into BIOS. I asked the question to a seasoned cybersec consultant who said the backdoors that China has been accused of baking in in the past doesn't take the obvious form of a backdoor, but rather a vulnerability that can be explained away as a "bug"/error.

        Unfortunately, I don't have much knowledge of hardware based vulnerabilities, so that's why I didn't go on a wild rant, and rather just asked the question.

        What threats are you talking about exactly?…

        I'm aware everyone has a different threat model (hence my original wording). Again, my concern is around exploits that make it into the wild, and not around targeted state sponsored attacks, as you have to be a specifically valuable target to worry about these. And if I was one of these individuals I would have very specific protocols for procuring/installing/maintaining my computing infrastructure etc.

        • p1 ama on 20/03/2023 - 21:47

          possible exploits centering around backdoors cooked into BIOS

          Can you explain what you mean by this?

          Unfortunately, I don't have much knowledge of hardware based vulnerabilities, so that's why I didn't go on a wild rant, and rather just asked the question.

          FYI - I'm not a cybersecurity expert either, but I have a computer science background (in HPC and ML programming, and their applications), so have some understanding of hardware / software / networking.

          My understanding is that this is more in reference to packaged devices (e.g. a phone), as opposed to chipset-level firmware. The risks of backdoors in a phone operating system is obviously far greater than one in CPU / chipset bytecode.

          Again, my concern is around exploits that make it into the wild, and not around targeted state sponsored attacks, as you have to be a specifically valuable target to worry about these.

          If this is the main concern, then I really doubt that some random manufacturer of cheap generic hardware with off-the-shelf parts will be contributing to making exploits known to the wild.

          • Rebengaaa on 20/03/2023 - 23:23

            @p1 ama: What I meant was that my concern was that almost any kind of exploit/security vulnerability can exist in firmware. It was my general understanding that almost any type of vulnerability can exist at this level (MIM, malware etc), and that many organisations consider this a very real risk.

            Edit - happy to be corrected if you believe there is little/no risks of using devices with unaudited/untrusted firmware

            • 2024 on 20/03/2023 - 23:51

              @Rebengaaa: Agree 100%
              Personally I stick with Intel NUCs and managed switches to make a router on a stick because of these exact concerns.

              I’ve seen too many CVEs for NIC drivers/firmware to be comfortable hanging out for some random vendor to patch it.

              How often would these random guys release ME updates and microcode updates, for example?

              • Rebengaaa on 21/03/2023 - 00:06

                @2024: Yeah - just seems like more headaches/worries on top of the reported reliability issues of these devices.

              • Clear on 21/03/2023 - 00:15

                @2024:

                I’ve seen too many CVEs for NIC drivers/firmware to be comfortable hanging out for some random vendor to patch it.

                Some random vendor being Intel? That's where your drivers will come from for the Intel NICs.

                • 2024 on 21/03/2023 - 00:18
                  -1

                  @Clear: In the disto yeah but how can I know the UEFI drivers are original? I’m sure there is a way to check, and I’m sure there is a way to patch that check so it passes ;)

                  I’m just saying for all I know, there might be local laws over there that are similar to the US’s Patriot/FISA acts that might apply to these sorts of gizmos, and for me it’s a case of better the devil you know than the devil you don’t :)

            • p1 ama on 21/03/2023 - 01:14

              @Rebengaaa:

              What I meant was that my concern was that almost any kind of exploit/security vulnerability can exist in firmware.

              When you say "firmware", it's not clear to me what exactly you are referring to. The only relevant components are the CPU, chipset, NIC, and UEFI - the CPU, chipset and NIC are all Intel products, so will have Intel firmware baked into the chips and can't be changed - i.e. this will be no different to any other computer using the same Intel products. The only "custom" firmware on this machine is the UEFI.

              UEFI vulnerabilities and exploits exist - they are not unique to "Chinese" hardware. (e.g. see https://www.zdnet.com/article/firmware-vulnerabilities-affec…)

              It was my general understanding that almost any type of vulnerability can exist at this level (MIM, malware etc), and that many organisations consider this a very real risk.

              Yes, of course there are vulnerabilities at the hardware level (e.g. Spectre / Meltdown are two of the most famous ones, which target branch prediction in CPUs). Of course this is a "very real" risk. There are even vulnerabilities in UEFI (e.g. see this from Lenovo https://www.bleepingcomputer.com/news/security/new-uefi-firm…).

              Your conclusion is a bit obscure to me, but you seem to be saying one of two things:

              1) That Chinese manufacturers are purposefully putting in security vulnerabilities, in which case I would question why you would believe that some random small Chinese manufacturer who makes products which have practically no "real world" deployment would do that? By this logic, anybody could be purposefully put vulnerabilities into their "firmware" (used loosely).

              2) That Chinese manufacturers are not purposefully putting in security vulnerabilities, but somehow Chinese stuff has a higher chance of having non-intentional vulnerabilities - again, this doesn't stack up to me because there's no reason to believe why this would be the case.

              Edit - happy to be corrected if you believe there is little/no risks of using devices with unaudited/untrusted firmware

              This is my fundamental disagreement - however, not because I believe there are no risks, but rather, that I don't understand why you believe this particular device is riskier. The vast majority of electronic devices (including those connected to the internet) are made in China.

              e.g. What do you mean by "unaudited / untrusted"? Audited and trusted by whom exactly? There are no "central agencies" who audit UEFI source / byte code. Even if there were, security vulnerabilities are often discovered over time.

              I'm not saying you should not be weary of this device, but rather, that you should be equally weary of other devices.

              • 2024 on 21/03/2023 - 09:10
                +1

                @p1 ama:

                so will have Intel firmware baked into the chips and can't be changed

                It can be changed and Intel infact say ensure it’s updated from the OEM not Intel:

                https://www.intel.com.au/content/www/au/en/support/articles/…

                • Clear on 21/03/2023 - 11:03

                  @2024: They say that because OEMs like Dell, HP etc. often (not always) have customised drivers with a different configuration or compatibility so it's better to get it from there.

                  Stock drivers from Intel are perfectly fine and in most cases exactly the same, if not newer as OEMs tend to discontinue support for models quickly.

                  • 2024 on 21/03/2023 - 13:24
                    -1

                    @Clear: Drivers and firmware are different things

                    • Clear on 21/03/2023 - 13:29

                      @2024: Yes it is and both the Intel firmware and Intel driver will work on the Intel NICs.

                      • 2024 on 21/03/2023 - 13:37

                        @Clear: Indeed, and non intel drivers/firmware can be written to work too.

                        Anyway, care to let us know when these guys will be releasing microcode updates to address the following security advisory?

                        Intel recommends that users of affected Intel® Processors update to the latest version firmware provided by the system manufacturer that addresses these issues.

                        INTEL-SA-00767

                        https://github.com/intel/Intel-Linux-Processor-Microcode-Dat…

    • [Deactivated] on 20/03/2023 - 21:30
      +1

      Running Pfsense

      Should be OPNsense

    • stephendt on 21/03/2023 - 10:50

      I've had a similar one running for 4 years and no issues

  • xfelix on 20/03/2023 - 20:46
    +1

    Just be aware it runs very hot. I believe adding a fan for this box is a must (considering more heat from SSD as well).
    If you plan to use this box to run Proxmox VE with pfsense such edge router, need to rethink about its reliability. This may not be the ideal solution compared to dedicated hardware.

  • xdirex on 20/03/2023 - 20:47
    +1

    While I’ve had a great run with lots of random boxes like this in the past, I find it hard to not pay $30ish more and get 3yr warranty from an Intel NUC.

    Edit: Didn’t initially see the 4x LAN.

    • MagnamoniousRex on 20/03/2023 - 21:17

      Yeah the only NUC with more than 1 LAN port is like $800

  • fryandlaurie on 20/03/2023 - 21:11
    +1

    Would jump at another deal of the X2B units if you can make that happen Clear :)

    • Clear on 20/03/2023 - 21:14
      +1

      You can get this one for US$115.43 (~A$173.91) with coupon AN9

      Be sure to choose the N5105 i226-V or N5105 i225-V B3 bundle.

      • NoVillage on 20/03/2023 - 23:11
        +1

        Heads up on this model I purchased the n5100 i226-V model with the deal around January. Worked great for about a month then randomly died! Now have the fun of dealing with PayPal/aliexpress to get a refund

        • landril on 20/03/2023 - 23:21

          Gonna have put your foot down if my experience with a DOA tablet is anything go by. Nearly 3 months!!

  • Musiclover on 20/03/2023 - 21:11

    So there are plenty of those used office Dells etc for similar or cheaper price specced with proper x86 Intel or AMD laptop processors… Are they better or worse?

    • Clear on 20/03/2023 - 21:15

      Depends on what you intend on using them for. Despite the Intel Celeron N5105 being a Celeron it's still very capable for media transcoding compared to older CPUs in a lot of those used Office PCs and has a lower footprint.

      If you're needing multiple network ports then you'd need an additional PCIe card or USB ethernet adapters for the used PC.

      • Musiclover on 20/03/2023 - 21:19

        So I will give one example just to show what I mean, random example https://www.ozbargain.com.au/node/760257

        • Clear on 20/03/2023 - 21:29
          +1

          And what's your intended use?

          • Musiclover on 20/03/2023 - 21:52
            -1

            @Clear: Let's say the price is roughly the same, than you would benefit from a more versatile device?

            I intend to use it for everything apart from gaming - playing and editing video and audio, browsing, etc. It will sit underneath a TV and work as a TV box most of the times though.

            I got a neg. For what?! Crazy world. (PS I have not edited this post)

  • Arronaj on 20/03/2023 - 21:44

    Is it worth just getting the RAM and storage options here or sourcing yourself? Would be my pfsense router, thinking 8GB RAM and 128GB storage would be plenty. Never used OPNsense, is that the go these days since pfsense going commercial? I assume it would be relatively straightforward to setup if I've used pfsense?

    • Switchblade88 on 20/03/2023 - 22:09

      Generally better to DIY your RAM & SSD, especially if you can salvage some from an old laptop for free. Don't want to commit to some generic no-name module that is not really good value.

      • Arronaj on 20/03/2023 - 23:26

        Thanks for the info, read up a bit further and found multiple sites where the i225/i226 NICs seem flakier than I probably want to stuff around right now. I will stick to my Optiplex environment for now, 1 bare metal pfsense with a backup ESXi VM pfsense.

  • Shermanpk on 21/03/2023 - 10:51

    These are great, it might be worth looking for a similar device running DDR5, but in general they are great.

Login or Join to leave a comment
Login Join