美文网首页
linux作业11

linux作业11

作者: 绊倒铁盒_ddbb | 来源:发表于2020-02-24 15:18 被阅读0次

    1、编写脚本/root/bin/checkip.sh,每5分钟检查一次,如果发现通过ssh登录失败 次数超过10次,自动将此远程IP放入Tcp Wrapper的黑名单中予以禁止防问

    [root@localhost bin]# cat checkip.sh 
    #!/bin/bash
    #
    #********************************************************************
    #Author:        wang
    #QQ:            913520405
    #Date:          2020-02-24
    #FileName:      checkip.sh
    #URL:           https://www.jianshu.com/u/28ec0e3dbc64
    #Description:       The test script
    #Copyright (C):     2020 All rights reserved
    #********************************************************************
    lastb | grep "ssh:" | awk '{print $3}' | sort |\
    awk '{count[$1]++} \
    END{for (ip in count)if(count[ip]> 3) system("echo sshd:"ip" >> /etc/hosts.deny")}'
    [root@localhost bin]# crontab -l
    */5 * * * *  sh /data/ddos_monitor.sh
    */5 * * * *  sh /root/bin/checkip.sh
    
    

    2、配置magedu用户的sudo权限,允许magedu用户拥有root权限

    
    [root@localhost bin]# visudo 
    ## Allow root to run any commands anywhere
    root    ALL=(ALL)       ALL
    magedu ALL=(ALL)        ALL
    #给magedu账号配置sudo权限
    
    [root@localhost bin]# su - magedu
    Last login: Mon Feb 24 21:58:08 CST 2020 on pts/6
    [magedu@localhost ~]$ cat /etc/shadow
    cat: /etc/shadow: Permission denied
    [magedu@localhost ~]$ sudo cat /etc/shadow | head
    root:$6$QuVqUjj6fZf9P8rt$6AI1eYeca9c8m9mc.i.............................
    #验证
    
    
    
    

    相关文章

      网友评论

          本文标题:linux作业11

          本文链接:https://www.haomeiwen.com/subject/vorrqhtx.html