Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- #################################################
- # file: blocksshd.sh #
- # author: Jason Alejandro Barinas Guio #
- # date: September/2011 #
- # alejandro.barinas@gmail.com #
- # Description: Script para realizar #
- # bloqueo de IP's que intenten ingresar por #
- # SSH. #
- #################################################
- pathlogs=/var/log/secure
- hostsfile=/etc/hosts.deny
- ips=`/bin/grep -R "Failed" $pathlogs* | awk '/sshd/ && /Failed password for/ { if (/invalid user/) try[$13]++; else try[$11]++; }END { for (h in try) if (try[h] > USERVAR) print h; }'`
- blockip()
- {
- verify=`/bin/grep -R "$ip" $hostsfile`
- if [ "$verify" == "" ] && [ $ip != "192.168.99.106" ]
- then
- echo "$ip IP NO ESTA"
- echo "sshd:$ip" >> $hostsfile
- else
- echo "$ip IP YA ESTA"
- fi
- }
- for ip in ${ips[*]}
- do
- if [[ $ip = *[[:digit:]]* ]]; then
- #echo "Es una IP valida:$ip"
- blockip $ip
- fi
- done
Add Comment
Please, Sign In to add comment
