Linux 防止SSH暴力破解密码

admin   ·   发表于 8个月前   ·   Linux
vim /usr/local/bin/denyhosts.sh


写入下面的内容:

  1. #!/bin/bash
  2. #Denyhosts SHELL SCRIPT
  3. #2013-6-24
  4. cat /var/log/secure|awk '/Failed/{print $(NF-3)}'|sort|uniq -c|awk '{print $2"=" $1;}' >/usr/local/bin/Denyhosts.txt
  5. DEFINE="10"
  6. for i in `cat /usr/local/bin/Denyhosts.txt`
  7. do
  8. IP=`echo $i|awk -F= '{print $1}'`
  9. NUM=`echo $i|awk -F= '{print $2}'`
  10. if [ $NUM -gt $DEFINE ]
  11. then
  12. grep $IP /etc/hosts.deny >/dev/null
  13. if [ $? -gt 0 ];
  14. then
  15. echo "sshd:$IP" >> /etc/hosts.deny
  16. fi
  17. fi
  18. done


添加到定时任务:

  1. crontab -e

添加定时任务:

  1. */2 * * * * /usr/local/bin/denyhosts.sh

执行启动:

  1. /sbin/service crond start


0 Reply   |  Until 8个月前 | 489 View
LoginCan Publish Content