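Keeping servers secure and stable is what every operations engineer aims for. Once a site's traffic and visit counts grow, bored people will start attacking it. Helping to find vulnerabilities is fine, but pure DDoS is plain malicious. That is a digression, though: this article only covers detecting a login to the server from an unauthorized IP and automatically alerting the operations staff. The alert can of course be changed to an SMS, provided you have an SMS gateway.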
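#!/bin/bash
# This script checks whether a malicious IP has logged in to the server and sends an e-mail alert
# It can be combined with a 139 mailbox so that the alert reaches a phone promptly as an SMS
# Target system: CentOS 5
Ldate=`which date`
Lawk=`which awk`
Llast=`which last`
Lgrep=`which grep`
Lsendmail=`which sendmail`
Lifconfig=`which ifconfig`
# Mailbox that receives the alerts (the address is redacted in the source; set your own)
adminmail="[email protected]"
# IPv4 address of eth0; matching "inet addr" skips the inet6 line
serverip=`$Lifconfig eth0|$Lgrep 'inet addr'|$Lawk -F : '{print $2}'|$Lawk '{print $1}'`
# Today's date in the form `last` prints it, e.g. "Mon Jan  5" (%e pads single-digit days)
cutdate=`$Ldate '+%a %b %e'`
# Source addresses of today's logins, minus the trusted address (masked in the source)
hackerip=`$Llast|$Lgrep "$cutdate"|$Lawk '{print $3}'|$Lgrep -v 192.168.1x.xx`
# Quote the variable so the test also works when several addresses are found
if [ -z "$hackerip" ]
then
    exit
else
    for logip in $hackerip
    do
        echo "hacker ip is $logip already login $serverip"|mail -s "SOS" "$adminmail"
    done
fi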
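The filtering step of the script above, as an added example that is not the original author's code: it checks the third column of `last` output against a list of trusted prefixes and skips console logins and reboot records, which carry no source address. The names `TRUSTED_PREFIXES`, `find_untrusted_logins` and `sample_last`, the prefix values and the sample lines are all constructed for illustration, and IPv4 addresses in the host column are assumed.

```shell
#!/bin/bash
# Added example: allowlist filtering of `last` output, run on constructed data.

# Trusted source prefixes (assumed values; the trailing dot stops
# "192.168.10." from also matching 192.168.100.x).
TRUSTED_PREFIXES="192.168.10. 10.0.0."

# Usage: last | find_untrusted_logins "DAY"
# DAY is the date as `last` prints it, e.g. "Mon Jan  5" (date '+%a %b %e').
# Prints each untrusted source address once.
find_untrusted_logins() {
    awk -v day="$1" -v trusted="$TRUSTED_PREFIXES" '
        BEGIN { n = split(trusted, pfx, " ") }
        index($0, day) == 0 { next }              # entry is from another day
        $1 == "reboot" || $1 == "wtmp" { next }   # pseudo entries, not logins
        $3 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { next }  # no IPv4 source (console login)
        {
            for (i = 1; i <= n; i++)
                if (index($3, pfx[i]) == 1) next  # address starts with a trusted prefix
            if (!seen[$3]++) print $3             # report each address only once
        }'
}

# Constructed sample of `last` output (not taken from a real host).
sample_last() {
cat <<'EOF'
root     pts/0        192.168.10.23    Mon Jan  5 09:12   still logged in
deploy   pts/1        203.0.113.45     Mon Jan  5 03:41 - 03:52  (00:11)
deploy   pts/2        203.0.113.45     Mon Jan  5 04:02 - 04:05  (00:03)
root     tty1                          Mon Jan  5 08:00 - 08:01  (00:01)
reboot   system boot  2.6.18-398.el5   Mon Jan  5 07:58          (01:14)
admin    pts/0        198.51.100.7     Sun Jan  4 22:10 - 22:30  (00:20)
ops      pts/3        198.51.100.9     Thu Jan 15 10:00 - 10:30  (00:30)

wtmp begins Thu Jan  1 00:00:12 2015
EOF
}

sample_last | find_untrusted_logins "Mon Jan  5"
```

Without the column check, the console login would be reported with the source "Mon" and the reboot record with "boot", each producing a false alert mail.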