Shulou(Shulou.com)06/01 Report--

1) hackers use brute force cracking tools to remotely attack Linux servers through users

Name and password dictionary, attempt to log in to the Linux server operating system, as an operator

How can members stop hacker attacks?

2) remote login to the Linux server, and the Linux server opens the security log file:

/ var/log/secure records the login status of normal users or hackers, and analyzes the

File to find out the hacker's IP, and log in more than 10 times, add it to the Linux

Blacklist in Iptables Firewall

For i in $(grep "Failed password" / var/log/secure* | grep-oE

"([0-9] {1Magne 3}.) {3} [0-9] {1pr 3}" | sort-n | uniq-c | awk

'{if (($1 > = 10)) print $2}' | grep-v ^ 127); do iptables-I INPUT

4-s $I-j DROP;done

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.