Linux 防止暴力破解ssh的脚本

#! /bin/bash

cat /var/log/secure|awk '/Failed/{print $(NF-3)}'|awk -F ":" '{print $4}'|sort|uniq -c|awk '{print $2"="$1;}' > /tmp/denyhosts
#cat /var/log/secure|awk '/Invalid user/{print $NF}'|awk -F ":" '{print $4}'|sort|uniq -c|awk '{print $2"="$1;}' >> /tmp/denyhosts

hosts=`cat /etc/hosts.deny|awk -F : '{print $2}'`
TIMES="5"

AB='111.111.111.111'

CD='222.222.222.222'
for i in `cat /tmp/denyhosts`
do
IP=`echo $i |awk -F= '{print $1}'`
NUM=`echo $i|awk -F= '{print $2}'`
if [ $NUM -gt $TIMES ];
then
grep $IP /etc/hosts.deny > /dev/null
if [ $? -gt 0 ];
then
echo ok;
if [ "$IP" == "$AB" ] || [ "$IP" == "$CD" ]
then
exit;
else
echo "sshd:$IP" >> /etc/hosts.deny
fi
fi
fi
done

你可能感兴趣的:(linux)