服務(wù)器的安全穩(wěn)定是每個(gè)運(yùn)維都希望達(dá)到的目標(biāo),畢竟網(wǎng)站一旦流量大了,訪問高了,就會(huì)有一些無聊人來攻擊,幫忙檢測(cè)漏洞是好,但純ddos的性質(zhì)就很惡劣了.說遠(yuǎn)了,這篇文章只是檢測(cè)有非法ip登錄到服務(wù)器上就自動(dòng)給運(yùn)維報(bào)警,當(dāng)然也可以改成短信報(bào)警,前提是你有短信網(wǎng)關(guān).
復(fù)制代碼 代碼如下:
#!/bin/bash
#該腳本作用是檢測(cè)是否有惡意IP登陸服務(wù)器并郵件報(bào)警
#可以結(jié)合139郵箱以達(dá)到短信及時(shí)通知到手機(jī)的功能
#適用系統(tǒng)centos5
Ldate=`which date`
Lawk=`which awk`
Llast=`which last`
Lgrep=`which grep`
Lsendmail=`which sendmail`
Lifconfig=`which ifconfig`
serverip=`$Lifconfig eth0|$Lgrep inet|$Lawk -F : '{print $2}'|$Lawk '{print $1}'`
cutdate=`$Ldate |$Lawk '{print $1" "$2" "$3}'`
hackerip=`$Llast|$Lgrep "$cutdate"|$Lawk '{print $3}'|$Lgrep -v 192.168.1x.xx`
if [ -z $hackerip ]
then
exit
else
for logip in $hackerip
do
echo "hacker ip is $logip already login $serverip"|mail -s "SOS" rocdk890@139.com
done
fi
