Skip to content

Security overview

  • Dedicated physical hardware — your machine is never shared or virtualized between customers, so there are no “noisy neighbour” or cross-tenant risks.
  • DDoS protection at the network edge.
  • Secure data centers with controlled physical access.
  • Key-based authentication support for SSH (Ed25519 / RSA / ECDSA).

For the full security posture, IAM and compliance details, see the security page.

Every instance runs fail2ban in front of SSH and VNC. After 5 failed logins within 10 minutes, the offending IP is banned for 1 hour.

SettingValue
Max retries5
Window (findtime)10 minutes
Ban duration (bantime)1 hour
ServicesSSH (22) and VNC (59010)
Ban actionmacOS packet filter (pf)

This is why connecting with the wrong username, key or port a few times in a row can suddenly cut you off entirely — fix the cause, then retry. If you’re locked out and can’t wait, email support@myremotemac.com with your public IP.

The macOS desktop is served on port 59010 instead of VNC’s default 5900. Most automated scanners only probe 5900, so moving the service off it removes the vast majority of brute-force noise. Always connect with vnc://YOUR-IP:59010.

When you’re connected over VNC, macOS shows “Your screen is being observed” with an icon in the menu bar. This is expected and not a third party — it appears because Screen Sharing / Remote Management is active and a session is connected, and that session is your own VNC connection.

  • Click the menu-bar icon to see exactly which sessions are connected.
  • The indicator turns off when you disconnect.
  • Your machine is dedicated to you — nobody else shares it.

Apple documents this indicator here: support.apple.com/en-us/120315.

You control the OS, so a few steps go a long way:

  1. Use an SSH key for login.
  2. Keep macOS and tools updated (softwareupdate -ia, brew upgrade).
  3. Restrict exposed services — only run what you need; firewall off the rest.
  4. Protect signing assets — store certificates and provisioning profiles in a dedicated keychain, not in shared locations.

Found a vulnerability? Email support@myremotemac.com with details. Please don’t disclose publicly before we’ve had a chance to respond.