1.编写脚本/root/bin/checkip.sh,每5分钟检查一次,如果发现通过ssh登录失败 次数超过10次,自动将此远程IP放入Tcp Wrapper的黑名单中予以禁止防问
crontab -l
*/5 * * * * /bin/bash /data/checkip.sh
cat checkip.sh
#!/bin/bash
#
num=10
cat /var/log/secure |awk '/Failed password/{print $(NF-3)}'|sort |uniq -c |sort >>netstat.log
while read count ip;do
if [ ${count} > ${num} ];then
echo "sshd:${ip}" >>/etc/hosts.deny
fi
done < netstat.log
2.配置magedu用户的sudo权限,允许magedu用户拥有root权限
cat /etc/sudoers.d/test
magedu ALL=(ALL)
来源:CSDN
作者:thetryer
链接:https://blog.csdn.net/qq_29791643/article/details/104524015