Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Poncho

macrumors 6502
Original poster
Jun 15, 2007
470
184
Holland
Over the last few weeks Little Snitch keeps alerting me to SSH requests from external sources at different IP addresses. I deny them. If I allow them am I giving remote access to my computer to hackers? I ask because if you Google the IP addres
it.jpg
ses it comes up with Chinese hacker references.

And help appreciated. Have posted a screen-shot.
 
For what it is worth, the IP address in you screen shot is a Chinese IP address
 
Any machine that has port 22 open on the Internet is going to get hits. The bots are always there looking for open SSH ports. Your best overall bet is to make sure the accounts open to SSH have strong passwords on them. Then you have a couple options: 1. Turn SSH off or firewall it off. 2. Keep SSH on, but move the server to a different port. 3. Don't worry about it because you have good passwords.
 
This is why we have firewalls.

If I were running an ssh service, I'd put it on a non-standard port, and let the firewall block port 22 completely.

I also wouldn't run an ssh service with passwords at all. It's strong public keys or nothing.
 
Thanks all. I thought that if I allowed the connection then I was giving access to my machine but I guess from what you are all saying that the person would need to know my user password.

It's probably because I have enabled screen and remote log-in etc in order to run Screens Connect or Presence.
 
Thanks all. I thought that if I allowed the connection then I was giving access to my machine but I guess from what you are all saying that the person would need to know my user password.

It's probably because I have enabled screen and remote log-in etc in order to run Screens Connect or Presence.

That's why if I want to remote into a Mac the I use LogMein.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.