add the IPs of guys trying to brute force their way into your server sshd to hosts.deny

June 7th, 2018

cat /var/log/auth.log | grep 'sshd.*Invalid' | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" | sort | uniq -u | xargs printf "ALL: %s\n" >> /etc/hosts.deny 

this is a work in progress. not working yet. permission problem with appending hosts.deny

Leave a Reply

Your email address will not be published. Required fields are marked *