Prevent ssh Brute-force cracking of shell scripts in Centos

Script

#! /Bin/bash
 
Cat/var/log/secure | awk '/Failed/{print $(NF-3 )} '| sort | uniq-c | awk' {print $2 "=" $1;} '>/root/black.txt # filter the ip addresses and times in the Failed status
 
Cat/var/log/secure | awk '/Invalid user/{print $ NF}' | sort | uniq-c | awk '{print $2 "=" $1 ;} '>/root/black.txt # filter the ip addresses and times of Invalid users
 
DEFINE = "20" # The number of allowed times is 20
 
For I in 'cat/root/black.txt'
 
Do
 
IP = 'echo $ I | awk-F = '{print $1 }''
 
NUM = 'echo $ I | awk-F = '{print $2 }''
 
If [$ NUM-gt $ DEFINE];
 
Then
 
Grep $ IP/etc/hosts. deny>/dev/null
 
If [$? -Gt 0];
 
Then
 
Echo "sshd: $ IP">/etc/hosts. deny
 
Fi
 
Fi
 
Done
It is required that the ip address be added to hosts. deny when the logon fails or the number of illegal ip addresses reaches 20.
Because the secure log files are automatically archived every Saturday, we can write a schedule to run this script.
Run at every day

0 1 ***/usr/local/bin/ssh_black.sh 2> & 1>/dev/null