标签:攻击 deny
用vim打开编辑文集
vi sshdeny.sh
#!/bin/bash
awk ‘{for(i=1;i<=NF;i++){if($i ~ /rhost/)print substr($i,7)}}‘ /var/log/secure | sort | uniq -c>/root/black.txt
DEFINE="10"
cat /root/black.txt | while read LINE
do
NUM=`echo $LINE |awk ‘{print $1}‘`
host=`echo $LINE |awk ‘{print $2}‘`
if [ $NUM -gt $DEFINE ];
then
grep $host /etc/hosts.deny > /dev/null
if [ $? -gt 0 ];
then
echo "sshd:$host" >> /etc/hosts.deny
echo "vsftpd:$host" >> /etc/hosts.deny
fi
fi
done2. 添加定时任务
每5分钟执行以下该脚本
*/5 * * * * /data/script/sshdeny.sh >/dev/null 2>&1
标签:攻击 deny
原文地址:http://lizhuan.blog.51cto.com/8099531/1784727
