Keep getting hit up by SSH requests. Hackers?

[Poncho]

Over the last few weeks Little Snitch keeps alerting me to SSH requests from external sources at different IP addresses. I deny them. If I allow them am I giving remote access to my computer to hackers? I ask because if you Google the IP addres

ses it comes up with Chinese hacker references.

And help appreciated. Have posted a screen-shot.

 

[JohnDS]

For what it is worth, the IP address in you screen shot is a Chinese IP address

 

[mfram]

Any machine that has port 22 open on the Internet is going to get hits. The bots are always there looking for open SSH ports. Your best overall bet is to make sure the accounts open to SSH have strong passwords on them. Then you have a couple options: 1. Turn SSH off or firewall it off. 2. Keep SSH on, but move the server to a different port. 3. Don't worry about it because you have good passwords.

 

[chown33]

This is why we have firewalls.

If I were running an ssh service, I'd put it on a non-standard port, and let the firewall block port 22 completely.

I also wouldn't run an ssh service with passwords at all. It's strong public keys or nothing.

 

[Poncho]

Thanks all. I thought that if I allowed the connection then I was giving access to my machine but I guess from what you are all saying that the person would need to know my user password.

It's probably because I have enabled screen and remote log-in etc in order to run Screens Connect or Presence.

 

[satcomer]

Thanks all. I thought that if I allowed the connection then I was giving access to my machine but I guess from what you are all saying that the person would need to know my user password.

It's probably because I have enabled screen and remote log-in etc in order to run Screens Connect or Presence.

That's why if I want to remote into a Mac the I use LogMein.