In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-05 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
Today, I will talk to you about how to use Shell scripts to solve the production of DOS secure Linux servers. Many people may not know much about it. In order to make you understand better, the editor has summarized the following for you. I hope you can get something according to this article.
Introduction in computer science, Shell, commonly known as shell (used to distinguish it from kernel), refers to software (command parser) that "provides an operating interface for the user"; it is similar to command.com under DOS and later cmd.exe;, which receives user commands and then invokes the corresponding application.
According to the number of web logs or network connections, monitor that when the number of concurrent connections to a certain IP or PV reaches 100 within a short period of time, the firewall command is called to block the corresponding IP, and the monitoring frequency is every 3 minutes.
The firewall command is:
Iptables-I INPUT-s 10.0.0.10-j DROP
Let's start with the Web log.
Analysis of development ideas:
1. Analyze the IP address, and then remove it to determine the number of visits to each IP, and you can put it in the file.
[root@oldboy scripts] # awk'{print $1} 'access_2010-12-8.log | sort | uniq-c | sort-rn | head35 59.33.26.10523 123.122.65.2268 124.115.4.18 [root@oldboy scripts] # awk' {S [$1] +} END {for (k in S) print S [k], k} 'access_2010-12-8.log | sort-rn | head35 533.26.10523 123.65.2268 124.115.4.18
When the number of visits to IP reaches 100, it will be blocked.
If conditional clause is required
Read the deduplicated result file of 1, and use while.
Final answer
[root@oldboy scripts] # cat exam05.shangxue Bash while truedo awk'{S [$1] + +} END {for (k in S) print S [k] K} 'access_2010-12-8.log | sort-rn | head > / tmp/ip.log while read line do ip= `echo $line | awk' {print $2} '`echo $line | awk' {print $1} '`if [$count-ge 36-a `grep-w "$ip" / tmp/drop_$ (date +% F) .ip | wc-l`-lt 1] then iptables-I INPUT-s $ip-j DROP & & echo-e "$ipt `date +% F`" > > / tmp/drop_$ (date +% F) .ip fi done / tmp/ip.log sleep 5done
If it's a web log,
Pull netstat.log test from production environment
[root@oldboy scripts] # awk-F "[:] +'/ EST.*$/ {print $(NF-3)} 'netstat.log | awk' {S [$1] + +} END {for (k in S) print S [k] K}'| sort-rn | head4 118.242.18.1773 123.6.2233 114.250.250.1272 123.244.104.422 121.204.108.1601 59.53.166.1651 58.45.1891 42.95.73.1521 42.196.246.1801 36.46.160.100
If you are working, you can netstat-an | awk-F "[:] +" / EST.*$/ {print $(NF-3)} 'analysis
Final answer
[root@oldboy scripts] # cat exam05.END for while truedo awk-F "[:] +" / EST.*$/ {for $(NF-3)} 'netstat.log | awk' {S [$1] + +} END {for (k in S) print S [k] K}'| sort-rn | head > / tmp/ip.log while read line do ip= `echo $line | awk'{print $2} '`count= `echo $line | awk' {print $1} '`if [$count-ge 36-a `echo-w "$ip" / tmp/drop_$ (date +% F) .ip | wc-l`-lt 1] then iptables-I INPUT-s $ip-j DROP & & echo-e "$ipt `date +% F`" > > / tmp/drop_$ (date +% F) .ip fi done / tmp/ip.log sleep 5done
After reading the above, do you have any further understanding of how to use Shell scripts to solve DOS secure Linux server production? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.