linux：watchdog_secure.sh

2024年1月21日 113次阅读来源: 随风化作雨

#!/bin/bash -

#########################################################################################
# watchdog_secure.sh
# 防暴力破解程序,防范远程扫描和暴力破解
# version:1.0
# update:20171123
#########################################################################################

protect_time=600

function set_sshd_protect() {
    sshd_protect=`cat /root/eGW/networkcfg.conf |grep '^set_sshd_protect_enable' |awk '{ print $2 }'`
    HEAD=$(lastb|grep ssh|head -n 20|tail -n 1|awk '{print $5" "$6" "$7}')
    echo $HEAD
    TIME=$(($(date +%s)-$(date +%s -d "$HEAD")))
    echo $TIME
    if [ $TIME -lt 600 ]; then
        time_all=`date +%Y-%m-%d' '%H:%M:%S`
        echo $time_all "login error too much!" >> /root/eGW/Logs/watchdog/secure.log
        if [[ $sshd_protect -eq 1 ]];then
            lastb|grep ssh|head -n 20 |awk '{ip[$3]++}END{ for(key in ip){ if(ip[key]>5){print key}}}' >> /root/eGW/Logs/watchdog/secure.txt
            cat /root/eGW/Logs/watchdog/secure.txt |sort |uniq > /root/eGW/Logs/watchdog/secure_sort.txt
            mv /root/eGW/Logs/watchdog/secure_sort.txt /root/eGW/Logs/watchdog/secure.txt
            echo "#hosts.deny" > /etc/hosts.deny
            while read line
            do
                echo "sshd:"$line >> /etc/hosts.deny
            done < /root/eGW/Logs/watchdog/secure.txt 
        fi
    fi  
}



function protect_while() {
    while true
    do
        set_sshd_protect
        systemctl restart sshd
        sleep $protect_time
    done
}

#set_sshd_protect
protect_while &

    原文作者：随风化作雨
    原文地址: https://www.jianshu.com/p/409bb952bd0f
    本文转自网络文章，转载此文章仅为分享知识，如有侵权，请联系博主进行删除。