
Linux系统利用 hosts.deny 阻止SSH暴力攻击的防护

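#!/bin/bash
#
# Block SSH brute-force sources by appending them to /etc/hosts.deny.
#
# Published as part of a security and tuning script for a minimal
# install of CentOS 6.5 x64.
# CentOS/RedHat 6+, Debian 7+ and Ubuntu 14+
# Copyright (c) 2015-10-01  Email: service@fooher.com
# Blog: http://www.fooher.com by 运维天涯
#
# What it does:
#   1. Counts "Failed" lines per source address in the sshd auth log.
#   2. Appends "sshd:<ip>" to hosts.deny for every address whose count
#      exceeds the threshold and that is not listed yet.
#   3. Mails the newly blocked address and prints the total number of
#      sshd entries in hosts.deny.
#
# Operational caveats (review before deploying):
#   * Must run as root: it writes /etc/hosts.deny.
#   * hosts.deny only affects sshd when sshd is linked against libwrap
#     (TCP wrappers); verify on the target host, otherwise the entries
#     are written but never enforced.
#   * /var/log/secure is the RedHat-family location. On Debian/Ubuntu
#     the sshd auth log is usually /var/log/auth.log, so securefile has
#     to be adjusted there.
#   * There is no allowlist and no expiry. An administrator who mistypes
#     a password often enough is blocked like anyone else, and entries
#     stay until removed by hand. Keep a trusted address in hosts.allow
#     before scheduling this from cron.
#   * The whole log is recounted on every run, so counts accumulate
#     until the log is rotated.
#
set -u

export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin

securefile="/var/log/secure"
logdir=/data/logs/sshdlog
logfile=/data/logs/sshdlog/ip.txt
deny_file=/etc/hosts.deny

# Failed-attempt threshold. The published listing left this value empty;
# an empty operand is evaluated as 0 by the numeric test, so one failed
# login was enough to get an address banned. 5 is a reviewer-chosen
# default (not the author's value); override with MAX_FAILED.
max=${MAX_FAILED:-5}
case "$max" in
  '' | *[!0-9]*)
    echo "MAX_FAILED must be a non-negative integer, got: $max" >&2
    exit 1
    ;;
esac

# Only dotted-quad IPv4 literals are accepted as block targets. The token
# comes from a log line that contains attacker-influenced text (e.g. the
# user name), so it is validated before being written to hosts.deny.
# NOTE(review): IPv6 sources are skipped; hosts_access(5) expects a
# bracketed form for them, which this script never produced.
ipv4_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'

if [[ ! -d "$logdir" ]]; then
  mkdir -p "$logdir" || exit 1
fi

# Build "<address>=<failed count>" lines. NF > 3 guards the $(NF-3)
# field reference against short lines.
if [[ -f "$securefile" ]]; then
  grep Failed "$securefile" \
    | awk 'NF > 3 {print $(NF-3)}' \
    | sort \
    | uniq -c \
    | awk '{print $2 "=" $1}' > "$logfile" || exit 1
fi

if [[ -f "$logfile" ]]; then
  while IFS='=' read -r ip count; do
    [[ "$count" =~ ^[0-9]+$ ]] || continue
    ((count > max)) || continue

    if [[ ! "$ip" =~ $ipv4_re ]]; then
      printf 'skipping non-IPv4 token from log: %s\n' "$ip" >&2
      continue
    fi

    # Exact, fixed-string, whole-line match. A plain `grep $ip` treats
    # the dots as wildcards and matches substrings, so 1.2.3.4 would be
    # considered "already blocked" once 11.2.3.40 is in the file.
    if ! grep -qxF -- "sshd:$ip" "$deny_file" 2>/dev/null; then
      echo "sshd:$ip" >> "$deny_file"
      # Alerting is best effort; a mail failure must not stop blocking.
      echo "$ip" | mail -s "报警" hanktod@sina.com
    fi
  done < "$logfile"
fi

# Count after the update so the report includes addresses added by this
# run. The variable is deliberately not called LINES: bash maintains
# LINES itself (terminal height) and may overwrite it.
blocked_count=$(grep -c "^sshd:" "$deny_file" 2>/dev/null)
blocked_count=${blocked_count:-0}

echo
echo -e "\033[32m [INFO]: 一共禁止 $blocked_count 个 IP 暴利破解SSHD服务 \033[0m"
echo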
