Use ssh in linux to shield malicious connections

In linux, how does ssh shield some people from using software to maliciously crack our server connection password?

In linux, how does ssh shield some people from using software to maliciously crack our server connection password?

A bash script is provided to shield IP addresses after malicious users attempt to connect multiple times.

The basic idea of the script is: if the general scanning ssh log file matches a record with the Failed keyword, if more than 100 times, the IP address will be saved to the/tmp/ssh.txt file, and the ssh.txt on this side will be given the write permission.

First, we create a script named defessh. sh. the script content is as follows:

Shell #! /Bin/bash cat/var/log/secure | grep "Failed" | awk '{print $(NF-3 )} '| sort | uniq-c | sort-rn | awk' $1> 100 {print $2} '>/tmp/ssh.txt for I in $ (cat/tmp/ssh.txt) do grep-q $ I/etc/hosts. deny if [[t $? ! = T0] then echo "sshd :$ {I}">/etc/hosts. deny fi done

12345678910

#! /Bin/bashcat/var/log/secure | grep "Failed" | awk '{print $(NF-3 )} '| sort | uniq-c | sort-rn | awk' $1> 100 {print $2} '>/tmp/ssh.txt for I in $ (cat/tmp/ssh.txt) do grep-q $ I/etc/hosts. deny if [[t $? ! = T0] then echo "sshd :$ {I}">/etc/hosts. deny fidone

We can put it in the/root directory

Then, the Linux scheduled task is used for scheduled execution.

Shell # ssh check */1 *****/bin/bash/root/defessh. sh

12	# Ssh check */1 *****/bin/bash/root/defessh. sh

In this way, we can use scripts to block malicious connections.