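Linux system security precautions

Adding to the blacklist

Find illegitimate login attempts

grep 'Did not receive' /var/log/secure

Identify the IPs that appear frequently, for example 192.168.11.112, then open /etc/hosts.deny and add that IP: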

sshd:192.168.11.112
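
The steps above as an added example (not part of the original page): a shell script that counts 'Did not receive identification' and 'Failed password' events per source IP and prints sshd:IP lines for review. The function names, the threshold of 3 and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: rank source IPs by suspicious sshd events and print
# candidate /etc/hosts.deny entries. All log lines below are constructed.

# suspicious_ips MIN  (log on stdin) -> "count ip", highest count first
suspicious_ips() {
    awk -v min="$1" '
        /sshd\[[0-9]+\]: (Did not receive identification|Failed password)/ {
            ip = ""
            # Use the token after the LAST "from": the user name in the
            # message is attacker-controlled and may itself be "from".
            for (i = 1; i < NF; i++) if ($i == "from") ip = $(i + 1)
            if (ip ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) n[ip]++
        }
        END { for (ip in n) if (n[ip] >= min) print n[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# deny_lines MIN  (log on stdin) -> "sshd:IP" lines; prints only, never
# edits /etc/hosts.deny, so the list can be reviewed first.
deny_lines() {
    suspicious_ips "$1" | awk '{ print "sshd:" $2 }'
}

# Constructed sample in /var/log/secure format.
sample_log() {
    cat <<'EOF'
Mar 10 03:12:01 web1 sshd[1201]: Did not receive identification string from 192.168.11.112
Mar 10 03:12:04 web1 sshd[1203]: Failed password for root from 192.168.11.112 port 51240 ssh2
Mar 10 03:12:07 web1 sshd[1205]: Failed password for invalid user admin from 192.168.11.112 port 51244 ssh2
Mar 10 03:12:09 web1 sshd[1207]: Did not receive identification string from 192.168.11.112
Mar 10 08:30:11 web1 sshd[2301]: Failed password for alice from 192.168.11.20 port 50022 ssh2
Mar 10 08:30:19 web1 sshd[2301]: Accepted password for alice from 192.168.11.20 port 50022 ssh2
Mar 10 09:01:44 web1 sshd[2410]: Failed password for invalid user from from 192.168.11.30 port 40100 ssh2
EOF
}

sample_log | deny_lines 3
```

On a real host the log is fed on standard input, as in deny_lines 3 < /var/log/secure. An sshd entry in /etc/hosts.deny takes effect only when sshd is built with TCP wrappers (libwrap) support.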

Other checks

Successful logins

grep 'Accepted' /var/log/secure

Wrong password

grep 'Failed password' /var/log/secure