Security overview
On our side
Section titled “On our side”- Dedicated physical hardware — your machine is never shared or virtualized between customers, so there are no “noisy neighbour” or cross-tenant risks.
- DDoS protection at the network edge.
- Secure data centers with controlled physical access.
- Key-based authentication support for SSH (Ed25519 / RSA / ECDSA).
For the full security posture, IAM and compliance details, see the security page.
Brute-force protection (fail2ban)
Section titled “Brute-force protection (fail2ban)”Every instance runs fail2ban in front of SSH and VNC. After 5 failed logins within 10 minutes, the offending IP is banned for 1 hour.
| Setting | Value |
|---|---|
| Max retries | 5 |
| Window (findtime) | 10 minutes |
| Ban duration (bantime) | 1 hour |
| Services | SSH (22) and VNC (59010) |
| Ban action | macOS packet filter (pf) |
This is why connecting with the wrong username, key or port a few times in a row can suddenly cut you off entirely — fix the cause, then retry. If you’re locked out and can’t wait, email support@myremotemac.com with your public IP.
A non-standard VNC port
Section titled “A non-standard VNC port”The macOS desktop is served on port 59010 instead of VNC’s default 5900. Most automated scanners only probe 5900, so moving the service off it removes the vast majority of brute-force noise. Always connect with vnc://YOUR-IP:59010.
Is someone watching my screen?
Section titled “Is someone watching my screen?”When you’re connected over VNC, macOS shows “Your screen is being observed” with an icon in the menu bar. This is expected and not a third party — it appears because Screen Sharing / Remote Management is active and a session is connected, and that session is your own VNC connection.
- Click the menu-bar icon to see exactly which sessions are connected.
- The indicator turns off when you disconnect.
- Your machine is dedicated to you — nobody else shares it.
Apple documents this indicator here: support.apple.com/en-us/120315.
Hardening your Mac (recommended)
Section titled “Hardening your Mac (recommended)”You control the OS, so a few steps go a long way:
- Use an SSH key for login.
- Keep macOS and tools updated (
softwareupdate -ia,brew upgrade). - Restrict exposed services — only run what you need; firewall off the rest.
- Protect signing assets — store certificates and provisioning profiles in a dedicated keychain, not in shared locations.
Reporting a security issue
Section titled “Reporting a security issue”Found a vulnerability? Email support@myremotemac.com with details. Please don’t disclose publicly before we’ve had a chance to respond.