6 steps to block IPs that maliciously log in to your server (1)
Founder
2025-01-20 09:35:13
Jun 5 12:51:19 localhost sshd[10394]: pam_unix(sshd:session): session opened for user root by (uid=
Jun 5 13:03:00 localhost sshd[10428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.10.1 user=root
Jun 5 13:03:00 localhost sshd[10428]: pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root"
Jun 5 13:03:02 localhost sshd[10428]: Failed password for root from 192.168.10.1 port 64400 ssh2
Jun 5 13:03:06 localhost sshd[10428]: pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root"
Jun 5 13:03:08 localhost sshd[10428]: Failed password for root from 192.168.10.1 port 64400 ssh2
Jun 5 13:03:14 localhost sshd[10428]: pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met
--More--

  • Filter out the other entries and show only the IP addresses with failed logins

[root@localhost ~]# grep "Failed password" /var/log/secure
Jun 5 13:03:02 localhost sshd[10428]: Failed password for root from 192.168.10.1 port 64400 ssh2
Jun 5 13:03:08 localhost sshd[10428]: Failed password for root from 192.168.10.1 port 64400 ssh2
Jun 5 13:03:16 localhost sshd[10428]: Failed password for root from 192.168.10.1 port 64400 ssh2
Jun 5 13:03:27 localhost sshd[10431]: Failed password for root from 192.168.10.1 port 64438 ssh2
Jun 5 13:15:33 localhost sshd[10442]: Failed password for root from 192.168.10.10 port 49796 ssh2
Jun 5 13:15:38 localhost sshd[10442]: Failed password for root from 192.168.10.10 port 49796 ssh2
Jun 5 13:15:38 localhost sshd[10442]: Failed password for root from 192.168.10.10 port 49796 ssh2
Jun 5 13:15:46 localhost sshd[10444]: Failed password for root from 192.168.10.10 port 49798 ssh2
Jun 5 13:15:50 localhost sshd[10444]: Failed password for root from 192.168.10.10 port 49798 ssh2
Jun 5 13:15:53 localhost sshd[10444]: Failed password for root from 192.168.10.10 port 49798 ssh2
Jun 5 13:15:59 localhost sshd[10446]: Failed password for root from 192.168.10.10 port 49800 ssh2
Jun 5 13:16:00 localhost sshd[10446]: Failed password for root from 192.168.10.10 port 49800 ssh2
Jun 5 13:16:02 localhost sshd[10446]: Failed password for root from 192.168.10.10 port 49800 ssh2
[root@localhost ~]#


  • Print the IPs with failed logins

[root@localhost ~]# grep "Failed password" /var/log/secure | awk '{print $(NF-3)}'
192.168.10.1
192.168.10.1
192.168.10.1
192.168.10.1
192.168.10.10
192.168.10.10
192.168.10.10
192.168.10.10
192.168.10.10
192.168.10.10
192.168.10.10
192.168.10.10
192.168.10.10
[root@localhost ~]#

  • Sort and count the occurrences

[root@localhost ~]# grep "Failed password" /var/log/secure | awk '{print $(NF-3)}' | sort | uniq -c | sort -nr
9 192.168.10.10
4 192.168.10.1
[root@localhost ~]#

  • Match the IPs with more than 5 malicious login attempts

[root@localhost ~]# grep "Failed password" /var/log/secure | awk '{print $(NF-3)}' | sort | uniq -c | sort -nr | awk '{if ($1>=5) print $2}'
192.168.10.10
[root@localhost ~]#

  • Run a for loop over the matched IPs and write them into the firewall file

[root@localhost ~]# for i in $(grep "Failed password" /var/log/secure | awk '{print $(NF-3)}' | sort | uniq -c | sort -nr | awk '{if ($1>=5) print $2}'); do sed -i "/lo/a -A INPUT -s $i -j DROP" /etc/sysconfig/iptables; done
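
A re-runnable variant of the last step, added here as an example and not part of the original article: it skips IPs that already have a DROP rule, honors a list of trusted addresses, and inserts after the first loopback rule only. The function names, the trusted-IP arguments and the constructed log and rules file in `demo` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original article: re-runnable version of the last step.

# failed_ips LOG MIN: print IPv4 sources with at least MIN "Failed password" lines.
failed_ips() {
    grep 'Failed password' "$1" |
        awk '{print $(NF-3)}' |
        grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$' |
        sort | uniq -c |
        awk -v min="$2" '$1 >= min {print $2}'
}

# block_failed_ips LOG RULES MIN [TRUSTED_IP...]
# Adds one DROP rule per offending IP after the first loopback ACCEPT rule in RULES.
block_failed_ips() {
    log=$1 rules=$2 min=$3
    shift 3
    # Assumed anchor: the loopback rule that the page's /lo/ pattern matches.
    anchor='-A INPUT -i lo -j ACCEPT'
    grep -qF -- "$anchor" "$rules" || { echo "no loopback rule in $rules" >&2; return 1; }
    for ip in $(failed_ips "$log" "$min"); do
        # Never block an address the administrator listed as trusted.
        for ok in "$@"; do [ "$ip" = "$ok" ] && continue 2; done
        rule="-A INPUT -s $ip -j DROP"
        # Skip rules that already exist, so repeated runs cannot pile up duplicates.
        grep -qxF -- "$rule" "$rules" && continue
        # Rewrite in place (cat, not mv) to keep the file's owner, mode and inode.
        awk -v rule="$rule" -v anchor="$anchor" '
            { print }
            !ins && index($0, anchor) { print rule; ins = 1 }
        ' "$rules" > "$rules.tmp" && cat "$rules.tmp" > "$rules" && rm -f "$rules.tmp"
    done
}

# demo: run twice on constructed copies (9 failures from .10, 4 from .1), print rules.
demo() {
    d=$(mktemp -d)
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -j REJECT --reject-with icmp-host-prohibited' 'COMMIT' > "$d/iptables"
    i=0
    while [ "$i" -lt 9 ]; do
        echo "Jun 5 13:15:33 localhost sshd[10442]: Failed password for root from 192.168.10.10 port 49796 ssh2"
        [ "$i" -lt 4 ] && echo "Jun 5 13:03:02 localhost sshd[10428]: Failed password for invalid user admin from 192.168.10.1 port 64400 ssh2"
        i=$((i + 1))
    done > "$d/secure"
    block_failed_ips "$d/secure" "$d/iptables" 5
    block_failed_ips "$d/secure" "$d/iptables" 5
    cat "$d/iptables"
}
```

Editing `/etc/sysconfig/iptables` does not change the running ruleset; the new rules apply once the iptables service reloads the file.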
