centos下防止暴力破解ssh
发布时间:2013-04-21 23:07:55 所属栏目:Linux 来源:站长网
导读:centos rhel下如下 #! /bin/bash cat /var/log/secure|awk '/Failed/{print $(NF-3)}'|sort|uniq -c|awk '{print $2=$1;}' /root/black.txt cat /var/log/secur
centos rhel下如下
#! /bin/bash
cat /var/log/secure|awk '/Failed/{print $(NF-3)}'|sort|uniq -c|awk '{print $2"="$1;}' > /root/black.txt
cat /var/log/secure|awk '/Invalid user/{print $NF}'|sort|uniq -c|awk '{print $2"="$1;}' >> /tmp/black.txt
DEFINE="20"
for i in `cat /root/black.txt`
do
IP=`echo $i |awk -F= '{print $1}'`
NUM=`echo $i|awk -F= '{print $2}'`
if [ $NUM -gt $DEFINE ];
then
grep $IP /etc/hosts.deny > /dev/null
if [ $? -gt 0 ];
then
echo "sshd:$IP" >> /etc/hosts.deny
fi
fi
done
opensuse下如下
#! /bin/bash
cat /var/log/messages|awk '/error: PAM: Authentication failure/{print $NF}'|sort|uniq -c|awk '{print $2"="$1;}' > /tmp/black.txt
cat /var/log/secure|awk '/Invalid user/{print $NF}'|sort|uniq -c|awk '{print $2"="$1;}' >> /tmp/black.txt
DEFINE="10"
$2"="$1;}' >> /tmp/black.txt
for i in `cat /tmp/black.txt`
do
IP=`echo $i |awk -F= '{print $1}'`
NUM=`echo $i|awk -F= '{print $2}'`
if [ $NUM -gt $DEFINE ];
then
grep $IP /etc/hosts.deny > /dev/null
if [ $? -gt 0 ];
then
echo "sshd:$IP" >> /etc/hosts.deny
fi
fi
done
效果不错 本文出自 “itnihao的运维技术博客” 博客,请务必保留此出处http://itnihao.blog.51cto.com/1741976/745951 (编辑:佛山站长网) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
