防暴力破解 ssh

 #!/bin/bash

 
log=/var/log/deny/log
log1=/var/log/deny/log1
DEFINE=50
grep 'Failed password' /var/log/secure |awk '{print $(NF-3)}' |sort |uniq -c > $log
iptables -L -n |awk '{print $4}' > $log1
for i in `cat $log|awk '{print $2}'`
do
        NUM=`grep $i $log|awk '{print $1}'`
        if [ $NUM -gt $DEFINE ]
        then
        grep $i /etc/sysconfig/iptables > /dev/null
                if [ $? -gt 0 ]
                then
                iptables -I INPUT -s $i -j DROP
                /etc/init.d/iptables save
                echo $i
                 fi
        fi
done
 
定时5分钟执行一次
 

你可能感兴趣的:(ssh,防暴力破解)