Results 1 to 6 of 6
  1. #1


    Member Since
    Aug 11, 2010
    Posts
    3
    Port 22 (SSH) Attack Daily!!!!
    I have a MBP (S.L 10.6.5) that I use for work/home purposes. I'm using Doorstop X/Who's There? and Little Snitch for internet security. For the last couple of days my Who's There app is showing that someone is trying to remotely access my MBP, threw Port 22.

    Here are the details: (RED FLAG) 70.32.68.18 (IP), n18.c05.mtsvc.net (Host Name). WHOIS, shows the location somewhere off the cost of Africa.

    Access is denied, but the attacks still proceed. Every time I restart my MBP, as soon as it boots the first attack appears. There are only a few attacks (2-4) depending on the time I'm on the internet. The Attacks only happen on my home network, not on my office network. I use an Airport Extreme (Latest Model) at home.

    Even though access is denied, it's still irritating!! What can I do to stop this attacker and future ones? Information greatly appreciated, thank you.

  2. #2

    Raz0rEdge's Avatar
    Member Since
    Jul 17, 2009
    Location
    MA
    Posts
    8,650
    Specs:
    27" i7 iMac, 24" iMac, 13" Macbook Air, iPhone 6S, iPod Nano 7th GeniPad 3
    How are you connecting to the Internet? If you are going through a router then the firewall in there should prevent access to your machine which should be on a local IP address that is inaccessible from the external world..

    Routine attacks on standard Internet ports are VERY common and there's no real way of preventing it since the attacker isn't really targeting you but rather a large number of IP's in a particular range to see which one they can get access to.

    Regards

  3. #3


    Member Since
    Aug 11, 2010
    Posts
    3
    I'm connecting with a Comcast router/Apple Airport Extreme.

  4. #4

    IvanLasston's Avatar
    Member Since
    Feb 26, 2010
    Location
    Rocky Mountain High, Colorado
    Posts
    2,116
    Specs:
    1.8 GHz i7 MBA 11" OSX 10.8.2
    Is the Comcast router doing the routing/firewall or is the Extreme? Do you have port 22 open in your firewall?

    Do you need ssh on - on your mac?

    As Raz0rEdge has said - it is really a bunch of scripts that are hitting port 22 because it is so common, and so much can be done if you get in on port 22.

    If you need ssh open then there are a few things you can do to help decrease the chances of getting hit like installing denyhosts.

  5. #5


    Member Since
    Aug 11, 2010
    Posts
    3
    Extreme is doing the FW; and no, Port 22 is not open, don't really need it open. Would changing my IP help, because my IP is different at work; I'm only being attacked at home. So, obviously he/them have that IP (home). Should I change to a static address?

  6. #6

    IvanLasston's Avatar
    Member Since
    Feb 26, 2010
    Location
    Rocky Mountain High, Colorado
    Posts
    2,116
    Specs:
    1.8 GHz i7 MBA 11" OSX 10.8.2
    Can you see where the hits are coming from? There really shouldn't be anything passing through your firewall. Are the port 22 hits coming from an internal ip address or is it an internet address? Meaning could someone have hopped onto your wifi - then try to attack your computers? It also could be another machine got hacked and they are using that to search for vunerable machines inside your network.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Panic Attack
    By Simmy69 in forum Apple Notebooks
    Replies: 14
    Last Post: 05-22-2015, 10:19 AM
  2. DDOS attack
    By debidaly in forum Apple Desktops
    Replies: 6
    Last Post: 01-20-2015, 02:37 PM
  3. how can I SSH to a linux box and then port forward to a Windows box?
    By wlandymore in forum OS X - Operating System
    Replies: 7
    Last Post: 01-31-2013, 09:14 AM
  4. SSH not listening to SSH port
    By rameses in forum OS X - Operating System
    Replies: 2
    Last Post: 01-04-2013, 07:39 AM
  5. Another Vicious Attack
    By bobtomay in forum Schweb's Lounge
    Replies: 9
    Last Post: 08-02-2011, 08:37 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •