Security script: blocking SSH brute-force attacks

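The requirement is as follows:

Within one hour, the password is entered incorrectly 4 times in a row.

The Linux lastb command lists information about users whose login attempts failed.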

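The experiment proceeds as follows:

1. Create two clean environments with different IP addresses: 192.168.46.101 Rocky 2 and 192.168.46.120 openEuler 2.

2. On 192.168.46.101 Rocky 2, log in remotely over ssh and enter the wrong password 4 times to set up the test condition.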

[root@localhost ~]# ssh root@192.168.46.120
The authenticity of host '192.168.46.120 (192.168.46.120)' can't be established.
ED25519 key fingerprint is SHA256:0yjHp21zOpFhOEawwT35iA0huZMZTxvnVnCn28UUI3Y.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.46.120' (ED25519) to the list of known hosts.

Authorized users only. All activities may be monitored and reported.
root@192.168.46.120's password:
Permission denied, please try again.
root@192.168.46.120's password:
Permission denied, please try again.
root@192.168.46.120's password:
root@192.168.46.120: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
[root@localhost ~]# ssh root@192.168.46.120

Authorized users only. All activities may be monitored and reported.
root@192.168.46.120's password:
Permission denied, please try again.
root@192.168.46.120's password:
Permission denied, please try again.
root@192.168.46.120's password:
root@192.168.46.120: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
[root@localhost ~]#
[root@localhost ~]#

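Check the result on 192.168.46.120 openEuler 2. On Linux, failed SSH login attempts are recorded in the /var/log/secure file.

The test condition has been set up successfully!

3. Write the shell script according to the requirement: on 192.168.46.120 openEuler 2, create deny_ip_v2.sh in the /mnt/ directory and write the script.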

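#!/bin/bash

# Collect source IPs with at least 4 failed logins recorded by lastb.
# The filter drops the "btmp begins" trailer, blank lines and any line containing "Fri".
# lastb lists every recorded failure; no one-hour window is applied here.
lastb | grep -Ev "^btmp|^$|Fri" | awk '{++IP[$3]} END {for (k in IP) if (IP[k]>=4) print k}' > deny_ip.txt

while read -r line
do
  # Source addresses that already have a DROP rule for destination port 22
  iptables -L -n | tr -s " " | awk -F'[ :]' '/^DROP/ && $NF==22 {print $4}' | sort -u > temp_ip.txt

  # Add the rule only if this exact address is not blocked yet
  if ! grep -qxF "$line" temp_ip.txt
  then
     iptables -I INPUT -p tcp --dport 22 -s "$line" -j DROP
  fi

done < deny_ip.txt

rm -f deny_ip.txt temp_ip.txt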

4. Test

Log in from 192.168.46.101 Rocky 2: the login fails.

This concludes the experiment!!!
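
The requirement asks for 4 consecutive failures within one hour, while the lastb pipeline above counts every recorded failure. The following added example (not part of the original post) applies that window to sshd lines in the /var/log/secure style and resets the count on a successful login; the function names, host name and sample log lines are constructed for illustration.

```shell
#!/bin/bash
# Added example, not from the original post. Prints source IPs with at least
# LIMIT consecutive failed passwords inside WINDOW seconds. Syslog timestamps
# carry no year, so times are taken as seconds into one non-leap year.
bruteforce_ips() {   # usage: bruteforce_ips LIMIT WINDOW_SECONDS < logfile
  awk -v limit="$1" -v window="$2" '
    BEGIN { split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", mon, " ")
            split("0 31 59 90 120 151 181 212 243 273 304 334", cum, " ")
            for (i = 1; i <= 12; i++) off[mon[i]] = cum[i] }
    function secs(m, d, hms,   t) {
      split(hms, t, ":")
      return ((off[m] + d - 1) * 24 + t[1]) * 3600 + t[2] * 60 + t[3]
    }
    function src(   i) {   # address = token after the last "from"
      for (i = NF - 1; i >= 1; i--) if ($i == "from") return $(i + 1)
      return ""
    }
    /sshd\[[0-9]+\]: Accepted / { ip = src(); head[ip] = tail[ip] + 1; next }   # success ends the run
    /sshd\[[0-9]+\]: Failed password / {
      ip = src(); now = secs($1, $2, $3)
      ts[ip, ++tail[ip]] = now
      if (!(ip in head)) head[ip] = 1
      while (now - ts[ip, head[ip]] > window) head[ip]++   # drop failures older than the window
      if (tail[ip] - head[ip] + 1 >= limit) hit[ip] = 1
    }
    END { for (ip in hit) print ip }
  ' | sort
}

sample_log() {   # constructed sample lines in /var/log/secure style
  cat <<'EOF'
Mar  8 10:00:01 host sshd[2101]: Failed password for root from 192.168.46.101 port 40022 ssh2
Mar  8 10:00:05 host sshd[2101]: Failed password for root from 192.168.46.101 port 40022 ssh2
Mar  8 10:00:09 host sshd[2101]: Failed password for root from 192.168.46.101 port 40022 ssh2
Mar  8 10:01:30 host sshd[2107]: Failed password for root from 192.168.46.101 port 40030 ssh2
Mar  8 10:02:00 host sshd[2110]: Failed password for invalid user from from 203.0.113.7 port 5151 ssh2
Mar  8 10:02:04 host sshd[2110]: Failed password for alice from 203.0.113.7 port 5151 ssh2
Mar  8 10:02:08 host sshd[2110]: Failed password for alice from 203.0.113.7 port 5151 ssh2
Mar  8 10:02:20 host sshd[2113]: Accepted password for alice from 203.0.113.7 port 5160 ssh2
Mar  8 10:02:50 host sshd[2120]: Failed password for alice from 203.0.113.7 port 5170 ssh2
Mar  8 11:00:00 host sshd[2200]: Failed password for root from 198.51.100.9 port 6001 ssh2
Mar  8 12:30:00 host sshd[2231]: Failed password for root from 198.51.100.9 port 6002 ssh2
Mar  8 14:00:00 host sshd[2260]: Failed password for root from 198.51.100.9 port 6003 ssh2
Mar  8 15:30:00 host sshd[2294]: Failed password for root from 198.51.100.9 port 6004 ssh2
EOF
}

sample_log | bruteforce_ips 4 3600   # prints 192.168.46.101
```

Only 192.168.46.101 is reported: 203.0.113.7 has four failures in total but a successful login interrupts the run, and the four failures from 198.51.100.9 are spread over more than one hour.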
