  • Linux Security: Rejecting remote SSH brute-force attempts by modifying /etc/hosts.deny

    1. Back up /etc/hosts.deny to /root/hosts.deny.tmp

    cp /etc/hosts.deny /root/hosts.deny.tmp

    2. Filter the failed connection attempts out of /var/log/secure:

    cat /var/log/secure | awk '/^.*(F|f)ailed.*/'|tail -4

    3. Extract the IP addresses from the output of the previous step:

    cat /var/log/secure | awk '/^.*(F|f)ailed.*/'|grep -oE "from ([0-9]+\.){3}[0-9]+"

    4. The "from " prefix is kept so that it can be replaced with "sshd:":

    cat /var/log/secure | awk '/^.*(F|f)ailed.*/'|grep -oE "from ([0-9]+\.){3}[0-9]+"|sed 's#from #sshd:#g'

    5. Append the result to the temporary file hosts.deny.tmp:

    cat /var/log/secure | awk '/^.*(F|f)ailed.*/'|grep -oE "from ([0-9]+\.){3}[0-9]+"|sed 's#from #sshd:#g' >> /root/hosts.deny.tmp

    5. Compare the two files:

    wc -l /root/hosts.deny.tmp /etc/hosts.deny

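    6. Remove duplicate entries from /root/hosts.deny.tmp:

    # Compare whole lines: "sshd:" plus an IPv4 address can be longer than 15 characters
    sort /root/hosts.deny.tmp|uniq # or: sort -u /root/hosts.deny.tmp
    sort -u /root/hosts.deny.tmp -o /root/hosts.deny.tmp # remove duplicates and write the result back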

    7. Copy the file back over /etc/hosts.deny

    cp /root/hosts.deny.tmp /etc/hosts.deny
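
As an added example (not the original article's code), the sketch below performs the extraction from steps 2 to 6 with a failure threshold, an allow-list for your own address, and parsing anchored to the trailing `from IP port N` field. The function names, the threshold value and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not the article's code. Function names, the threshold and
# the allow-list arguments are assumptions of this sketch.

# deny_entries LOG THRESHOLD [ALLOW_IP ...]
# Print "sshd:IP" for each IPv4 source with >= THRESHOLD failed passwords.
deny_entries() (
    log=$1 min=$2; shift 2
    awk -v min="$min" -v allow=" $* " '
        # Trust only the fixed trailing "from IP port N" field: the user name
        # earlier in the line is free text chosen by the remote client.
        /sshd\[[0-9]+\]: Failed password for / &&
        match($0, /from [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+ port [0-9]+( ssh2)?$/) {
            split(substr($0, RSTART, RLENGTH), f, " ")
            if (index(allow, " " f[2] " ") == 0) count[f[2]]++
        }
        END { for (ip in count) if (count[ip] >= min) print "sshd:" ip }
    ' "$log" | sort -u
)

# new_entries DENYFILE LOG THRESHOLD [ALLOW_IP ...]
# Only the entries not already in DENYFILE (whole-line compare), so they can
# be appended without re-sorting the file or truncating long addresses.
new_entries() (
    deny=$1; shift
    deny_entries "$@" | grep -vxF -f "$deny" || true
)

# Constructed sample lines (documentation address ranges, not real hosts).
sample_log() {
    cat <<'EOF'
Mar  5 10:00:01 host sshd[101]: Failed password for root from 203.0.113.5 port 4001 ssh2
Mar  5 10:00:02 host sshd[102]: Failed password for root from 203.0.113.5 port 4002 ssh2
Mar  5 10:00:03 host sshd[103]: Failed password for invalid user from 192.0.2.99 port 1 from 203.0.113.5 port 4003 ssh2
Mar  5 10:00:04 host sshd[104]: Failed password for alice from 198.51.100.7 port 5001 ssh2
Mar  5 10:00:05 host sshd[105]: Failed password for alice from 198.51.100.7 port 5002 ssh2
Mar  5 10:00:06 host sshd[106]: Failed password for alice from 198.51.100.7 port 5003 ssh2
Mar  5 10:00:07 host sshd[107]: Failed password for bob from 192.0.2.10 port 6001 ssh2
Mar  5 10:00:08 host sshd[108]: Accepted password for alice from 198.51.100.7 port 5004 ssh2
EOF
}

log=$(mktemp); sample_log > "$log"
deny_entries "$log" 3 198.51.100.7      # 198.51.100.7 stands in for the admin's own address
rm -f "$log"
```

Entries in /etc/hosts.deny only take effect when sshd is linked against TCP wrappers, which `ldd /usr/sbin/sshd | grep libwrap` confirms on the target system.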
     
     
     



  • Original article: https://www.cnblogs.com/lj7xun/p/10475549.html