封禁穷举SSH密码的垃圾 « Hunter的大杂烩

November 14, 2019

封禁穷举SSH密码的垃圾

Filed under: 技术话题 — hunter @ 6:21 pm

#!/bin/sh


datestr=`date -d '2 minutes ago' +"%b %e %H"`
/usr/bin/systemctl restart firewalld

sleep 10 /usr/bin/grep -w "authentication failure" /var/log/secure |/usr/bin/grep "$datestr"|grep rhost|grep pam_unix|awk '{print $14}'|awk -F '=' '{print $2}'|sort|uniq -c|sort -n > iplist cat iplist|while read line do num=`echo $line|awk '{print $1}'` if [ $num -gt 10 ];then ip=`echo $line|awk '{print $2}'` /usr/sbin/iptables -I INPUT -s $ip -j DROP fi done

Comments Off

No Comments

No comments yet.

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.