Linux系统利用 hosts.deny 阻止SSH暴力攻击的防护

#!/bin/bash
#
# 基于操作系统《CentOS 6.5_x64最小化安装》的安全和优化脚本
#
# CentOS/RedHat 6+ Debian 7+ and Ubuntu 14+
#
#  Copyright © 2015年10月1日  Email:service@fooher.com
#
#    个人博客: http://www.fooher.com by 运维天涯
#

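export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin

# Scan the authentication log for failed SSH logins, count them per source
# address, and append "sshd:<ip>" to hosts.deny for every address above the
# threshold, mailing a notice for each new entry.
#
# hosts.deny only blocks anything when the running sshd consults TCP wrappers
# (libwrap). On builds without that support this script records offenders but
# denies nothing, so confirm it before relying on this as a control.
# Addresses that must never be locked out (management hosts, jump boxes) are
# best listed in /etc/hosts.allow, which is consulted before hosts.deny.

securefile="/var/log/secure"
logdir=/data/logs/sshdlog
logfile=$logdir/ip.txt
deny_file=/etc/hosts.deny

# Number of failed attempts an address may reach before it is denied. The
# original left this empty, which bash compares as 0, so one mistyped password
# was enough to ban an address. 5 is a reviewer-chosen default; tune it.
max=5

# Shape check for a dotted-quad address. $(NF-3) is not always the source
# address (for example "Failed publickey ... ssh2: RSA SHA256:..." puts the
# port there), and nothing that is not an address should reach hosts.deny.
# IPv6 is deliberately not handled: hosts.deny needs a different (bracketed)
# form for it. NOTE(review): add that if IPv6 sources matter here.
ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$'

# /var/log/secure is the RHEL/CentOS location; Debian and Ubuntu write sshd
# authentication failures to /var/log/auth.log instead.
if [[ ! -f $securefile && -f /var/log/auth.log ]]; then
  securefile=/var/log/auth.log
fi

if ! mkdir -p "$logdir"; then
  echo "cannot create $logdir" >&2
  exit 1
fi

# Rebuild the "ip=count" list. As in the original, an existing list is left
# untouched when no log file is present.
if [[ -f $securefile ]]; then
  awk '/Failed/ && NF > 3 { hits[$(NF-3)]++ }
       END { for (ip in hits) print ip "=" hits[ip] }' "$securefile" \
    | sort -t= -k2,2nr > "$logfile"
fi

if [[ -r $logfile ]]; then
  while IFS='=' read -r ip hits; do
    # Skip anything that is not "<ipv4>=<integer>" or is under the threshold.
    [[ $ip =~ $ipv4_re ]] || continue
    [[ $hits =~ ^[0-9]+$ ]] || continue
    (( hits > max )) || continue

    # Whole-line, fixed-string match: an unquoted regex grep would treat the
    # dots as wildcards and let 1.2.3.4 match an existing 1.2.3.40 entry,
    # leaving the shorter address unblocked.
    if ! grep -qsxF -- "sshd:$ip" "$deny_file"; then
      echo "sshd:$ip" >> "$deny_file"
      if command -v mail >/dev/null 2>&1; then
        echo "$ip" | mail -s "报警" hanktod@sina.com
      fi
    fi
  done < "$logfile"
fi

# Count after the loop so the total includes entries added by this run. The
# original stored it in LINES, which bash itself may overwrite with the
# terminal height, and computed it before any entry was appended.
deny_count=$(grep -cs "^sshd:" "$deny_file")
deny_count=${deny_count:-0}

echo;
echo -e "\033[32m [INFO]: 一共禁止 $deny_count 个 IP 暴利破解SSHD服务 \033[0m"
echo;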