搜索到
1
篇与
的结果
-
Linux防爆破ssh脚本-通过修改/etc/hosts.deny实现 注意:需要使用root用户身份操作1.ubuntu方式脚本编写mkdir /script vim /script/checkBlackIp.sh#!/bin/sh lastb |awk '/ssh/{print $3}' |sort |uniq -c |awk '{print $2"="$1}' >/script/black.list for i in `cat /script/black.list` do IP=`echo $i |awk -F= '{print $1}'` NUM=`echo $i |awk -F= '{print $2}'` echo $IP:$NUM if [ $NUM -gt 2 ]; then grep $IP /etc/hosts.deny >/dev/null if [ $? -gt 0 ];then echo "sshd:$IP:deny" echo "sshd:$IP:deny" >>/etc/hosts.deny fi fi done手工运行测试sudo bash /script/checkBlackIp.sh定时2分钟执行1次crontab -e# 加入如下内容 */2 * * * * root sh /script/checkBlackIp.sh2.centerOS方式脚本编写mkdir /script vim /script/checkBlackIp.sh#!/bin/bash cat /var/log/secure|awk '/Failed/{print $(NF-3)}'|sort|uniq -c|awk '{print $2"="$1;}' > /script/black.txt for i in `cat /script/black.list` do IP=`echo $i |awk -F= '{print $1}'` NUM=`echo $i |awk -F= '{print $2}'` echo $IP:$NUM if [ $NUM -gt 2 ]; then grep $IP /etc/hosts.deny >/dev/null if [ $? -gt 0 ];then echo "sshd:$IP:deny" echo "sshd:$IP:deny" >>/etc/hosts.deny fi fi done手工运行测试sudo bash checkBlackIp.sh定时2分钟执行1次crontab -e# 加入如下内容 */2 * * * * root sh /script/checkBlackIp.sh参考资料Linux Contos Ubuntu防爆破ssh脚本
