问题:这是给朋友写的一个安全类脚本,用来防止服务器被其他IP通过ssh连接或骚扰。
以下是在一台运行CentOS release 6.3 x64的外网论坛服务器上测试的结果。
# cat hosts_deny.sh
-----------------------------------------------------------------------
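#!/bin/bash
# Host.deny Shell Script
# 2013-08-24
#
# Counts the "Failed" lines in the sshd auth log per source address and
# appends "sshd:<address>" to /etc/hosts.deny for every address that has
# more than DEFINE such lines and is not listed there yet.
#
# Notes for operators:
#   - The script needs permission to read SECURE_LOG and append to DENY_FILE.
#   - /etc/hosts.deny only takes effect when sshd is built with TCP wrappers
#     (libwrap) support; verify this on the target system.
#   - hosts.allow is consulted before hosts.deny, so keep trusted admin
#     addresses in /etc/hosts.allow to avoid locking yourself out.
#   - Counts cover the whole current log file, and entries written to
#     DENY_FILE are never removed by this script.
#   - Only POSIX constructs are used, so the script also runs when it is
#     invoked as "sh hosts_deny.sh".

SECURE_LOG=/var/log/secure
DENY_FILE=/etc/hosts.deny
DEFINE=10   # an address is blocked once it has MORE than this many failures

# The counts are streamed through a pipeline instead of a fixed file name
# under /tmp: a predictable path in a world-writable directory, written by a
# privileged cron job, can be pre-created or symlinked by another local user.
#
# The log text is influenced by remote clients, so the token taken from each
# line is forwarded only when it looks like a dotted-quad IPv4 address.
# Anything else (short lines, unexpected message formats, IPv6 sources) is
# skipped rather than written into the deny file.
awk '/Failed/ && NF > 3 {
       ip = $(NF-3)
       if (ip ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) print ip
     }' "$SECURE_LOG" |
  sort |
  uniq -c |
  while read -r NUM IP; do
    # uniq -c prints "<count> <address>"; ignore addresses at or below the limit.
    [ "$NUM" -gt "$DEFINE" ] || continue

    # Compare the whole line as a fixed string. An unquoted regex grep would
    # treat the dots as wildcards and would also match longer addresses that
    # merely contain this one, so some offenders would never be added.
    if ! grep -qxF -- "sshd:$IP" "$DENY_FILE"; then
      echo "sshd:$IP" >> "$DENY_FILE"
    fi
  done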
-----------------------------------------------------------------------
# crontab -l
*/1 * * * * sh /shell_script/hosts_deny.sh
-----------------------------------------------------------------------
# grep sshd /etc/hosts.deny
sshd:116.10.202.163
sshd:116.10.202.169
sshd:118.26.203.66
sshd:119.80.39.55
sshd:202.203.194.45
sshd:219.148.36.20
sshd:60.190.219.98
sshd:61.155.177.58
sshd:67.205.111.20
sshd:70.34.202.31
sshd:77.65.0.86