1.在root创建satools目录
mkdir satools
2.编辑防破解脚本
vi fpj.sh
#!/bin/bash
#zsl -xie
cat /var/log/secure|awk '/Failed/{print $(NF-3)}'|sort|uniq -c|awk '{print $2"="$1;}' > /root/satools/black.txt
DEFINE=""
for i in `cat /root/satools/black.txt`
do
IP=`echo $i |awk -F= '{print $1}'`
NUM=`echo $i |awk -F= '{print $2}'`
if [ $NUM -gt $DEFINE ];then
grep $IP /etc/hosts.deny > /dev/null
if [ $? -gt ];then
echo "sshd:$IP" >> /etc/hosts.deny
fi
fi
done
3.编辑计划任务每两个小时执行一次
crontab -e
*/ * * * sh /root/fpj.sh
4.设置任务开机启动 重启任务
systemctl reload crond.service
systemctl restart crond.service
systemctl enable crond.service
5.查看被ban ip和记录
cat /etc/hosts.deny
cat /var/log/secure
cat /root/satools/black.txt
cat /var/log/secure|awk '/Failed/{print $(NF-3)}'|uniq -c|sort -rn
6.
yum install lrzsz -y
rz
ssh-keygen
cat id_rsa_1024.pub >> .ssh/authorized_keys
7.linux端免密
ssh-keygen -t rsa
ssh-copy-id 192.168.1.219
ssh 192.168.1.219
ssh-copy-id -i ~/.ssh/id_rsa.pub "-p 1122 appl@192.168.1.219"
ssh -p 192.168.1.219
sort用法
https://www.linuxidc.com/Linux/2017-08/146605.htm
子网查询
https://www.sojson.com/convert/subnetmask.html