A chronological documentation test project, nothing serious, really!
Dette scriptet er ikke testet samt DoS bør hindres på kernel nivå! A simple rule-based DoS attack-prevention shell script. However, the proposed shell script is not a perfect tool for preventing DoS attacks, but a powerful tool for alleviating DoS attacks overheads of the Linux servers significantly.
By default after a kernel panic Linux just sits there and waits for a user to hit the restart button. That can be a bad thing if it’s a remote server.
date >> ssh-intruders.log ; cat /var/log/secure | grep -i “sshd.*authentication failure” | sort | awk ‘{FS=”rhost=”; print $2}’ | awk ‘{FS=”user=”; print $1}’ | grep “.*\..*\.” | grep -v “knownhost.com” | grep -v “knownhost2.com” | sort | uniq | while read i; do counter=`grep -i “$i” /var/log/secure | wc -l` ; echo “$counter attempts by […]
Sometimes you want to have users, that have access to files on your server, but don’t want them to be able to log in and execute commands on your server.
If you have the Apache webserver running on port 80 that will provide a suitable test candidate. If not you can choose another port you know is in use.