題目描述:
猜密碼:遠程連接,如果猜錯密碼超過五次,就拒絕訪問
實現描述:
通過查看日誌,找到相應ip地址的失敗記錄,累加次數超過五次的將這個ip地址丟到/etc/hosts.deny文件中,寫法是:sshd:ip
#!/bin/bash
for ip in $(cat /var/log/secure |grep "Failed password" |awk '{print $11}'|sort
-rn |uniq -c|awk '{print $2}')
do
num=$(cat /var/log/secure |grep $ip |grep "Failed password" |wc -l)
if (($num>=5))
then
echo "$ip has been refused access,failed password:$num"
if ! cat /etc/hosts.deny |grep $ip &>/dev/null
then
echo "sshd:$ip" >>/etc/hosts.deny
fi
fi
done