CentOS7防止恶意破解root账户的脚本,centos7root

文章由LinuxBoy分享于2019-04-04 08:04:02热评（321）

#!/bin/bash

#Denyhosts SHELL SCRIPT

#2017-01-24

#When a IP is accessed 50 times through sshd, it is written to the hosts.deny file,

#which prohibits the IP from connecting to the host via sshd

#Add to timing task

cat /var/log/secure | awk '/Failed/{print $(NF-3)}' | sort | uniq -c | awk '{print $2"="$1;}' > /root/black.txt

DEFINE=50

for i in $(cat /root/black.txt)

IP=$( $i | awk -F'=' '{print $1}')

NUM=$( $i | awk -F'=' '{print $2}')

if [$NUM -gt $DEFINE]; then

grep $IP /etc/hosts.deny > /dev/null

if [$? -gt 0];then

echo "sshd:$IP" >> /etc/hosts.deny

done

推荐文章：