Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- # Author: wuseman <wuseman@nr1.nu>
- # Simple script for monitor ssh brute attempts, fixed this for some stranger on fcebook for fun.
- # Output: [2011-01-01 - 19:01:10] Someone have tried to login from <xx.xx.xx.xx> user=username
- while true; do
- inotifywait -r -q --format %w /var/log/auth.log|grep -i "Failed password for"|tail -n 1|grep -oE '\b([0-9]{1,3}\.){3}[0-9]{1,3}\b'
- echo -e "[$(date +%Y-%m-%d\ -\ %H:%M:%S)] - Someone tried to login from \e[1;31m$(cat /var/log/auth.log|grep "authentication failure; l"|awk -Frhost= '{print $2}'|tail -n 1 )\e[0m"
- # adda din iptabls oneliner hรคr
- # # /sbin/iptables -I INPUT -i eth1 -s $VARIABEL -j DROP
- done
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement