#!/bin/sh
datestr=`date -d '2 minutes ago' +"%b %e %H"`
/usr/bin/systemctl restart firewalld
sleep 10
/usr/bin/grep -w "authentication failure" /var/log/secure |/usr/bin/grep "$datestr"|grep rhost|grep pam_unix|awk '{print $14}'|awk -F '=' '{print $2}'|sort|uniq -c|sort -n > iplist
cat iplist|while read line
do
num=`echo $line|awk '{print $1}'`
if [ $num -gt 10 ];then
ip=`echo $line|awk '{print $2}'`
/usr/sbin/iptables -I INPUT -s $ip -j DROP
fi
done
November 14, 2019
封禁穷举SSH密码的垃圾
Comments Off on 封禁穷举SSH密码的垃圾
No Comments
No comments yet.
RSS feed for comments on this post.
Sorry, the comment form is closed at this time.