| Linux 防止SSH暴力破解密码 |
#!/bin/bash#Denyhosts SHELL SCRIPT#2013-6-24cat /var/log/secure|awk '/Failed/{print $(NF-3)}'|sort|uniq -c|awk '{print $2"=" $1;}' >/usr/local/bin/Denyhosts.txtDEFINE="10"for i in `cat /usr/local/bin/Denyhosts.txt`doIP=`echo $i|awk -F= '{print $1}'`NUM=`echo $i|awk -F= '{print $2}'`if [ $NUM -gt $DEFINE ]thengrep $IP /etc/hosts.deny >/dev/nullif [ $? -gt 0 ];thenecho "sshd:$IP" >> /etc/hosts.denyfifidone添加到定时任务crontab -e添加定时任务*/2 * * * * /usr/local/bin/denyhosts.sh 执行启动/sbin/service crond start |