CentOS7防止恶意破解root账户的脚本
时间:2017-02-14 01:47 来源:linux.it.net.cn 作者:IT
#!/bin/bash
#Denyhosts SHELL SCRIPT
#2017-01-24
#
#When a IP is accessed 50 times through sshd, it is written to the hosts.deny file,
#which prohibits the IP from connecting to the host via sshd
#
#Add to timing task
cat /var/log/secure | awk '/Failed/{print $(NF-3)}' | sort | uniq -c | awk '{print $2"="$1;}' > /root/black.txt
DEFINE=50
for i in $(cat /root/black.txt)
do
IP=$( $i | awk -F'=' '{print $1}')
NUM=$( $i | awk -F'=' '{print $2}')
if [$NUM -gt $DEFINE]; then
grep $IP /etc/hosts.deny > /dev/null
if [$? -gt 0];then
echo "sshd:$IP" >> /etc/hosts.deny
fi
fi
done (责任编辑:IT)
| #!/bin/bash #Denyhosts SHELL SCRIPT #2017-01-24 # #When a IP is accessed 50 times through sshd, it is written to the hosts.deny file, #which prohibits the IP from connecting to the host via sshd # #Add to timing task cat /var/log/secure | awk '/Failed/{print $(NF-3)}' | sort | uniq -c | awk '{print $2"="$1;}' > /root/black.txt DEFINE=50 for i in $(cat /root/black.txt) do IP=$( $i | awk -F'=' '{print $1}') NUM=$( $i | awk -F'=' '{print $2}') if [$NUM -gt $DEFINE]; then grep $IP /etc/hosts.deny > /dev/null if [$? -gt 0];then echo "sshd:$IP" >> /etc/hosts.deny fi fi done (责任编辑:IT) |