#!/bin/sh
datestr=`date -d '2 minutes ago' +"%b %e %H"`
/usr/bin/systemctl restart firewalld
sleep 10
/usr/bin/grep -w "authentication failure" /var/log/secure |/usr/bin/grep "$datestr"|grep rhost|grep pam_unix|awk '{print $14}'|awk -F '=' '{print $2}'|sort|uniq -c|sort -n > iplist
cat iplist|while read line
do
num=`echo $line|awk '{print $1}'`
if [ $num -gt 10 ];then
ip=`echo $line|awk '{print $2}'`
/usr/sbin/iptables -I INPUT -s $ip -j DROP
fi
done
2019-11-14
封禁穷举SSH密码的垃圾
Comments Off on 封禁穷举SSH密码的垃圾
No Comments
No comments yet.
RSS feed for comments on this post.
Sorry, the comment form is closed at this time.