cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a51d9681851e5fcbabfb5abe8906a5f928cf60a7
Linux-Server-Management-Too…/modules/security/ssh-attack-monitor.sh
T
cschantz a51d968185 Initial commit: Server Management Toolkit v2.0 
- Complete security menu restructure (3-mode: Analysis/Actions/Live)
- Intelligent cPHulk enablement with CSF whitelist import
- Live network security monitoring dashboard
- Multi-source threat detection and classification
- 50+ organized security tools across 4-level menu hierarchy
- System health diagnostics with cPanel/WHM integration
- Reference database for cross-module intelligence sharing
2025-11-03 18:21:40 -05:00

16 lines
617 B
Bash
Executable File
Raw Blame History

#!/bin/bash
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
source "$SCRIPT_DIR/lib/common-functions.sh"
print_banner "SSH Attack Monitor"
echo ""
echo "Monitoring SSH authentication attempts in real-time..."
echo "Press Ctrl+C to exit"
echo ""
tail -f /var/log/secure | grep --line-buffered -i "failed\|authentication failure" | while read line; do
timestamp=$(echo "$line" | awk '{print $1, $2, $3}')
ip=$(echo "$line" | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | head -1)
printf "[%s] \033[1;31m%-15s\033[0m %s\n" "$timestamp" "$ip" "$(echo $line | cut -c50-)"
done
Reference in New Issue View Git Blame Copy Permalink