1、編寫腳本selinux.sh,實現開啟或禁用SELinux功能
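#!/bin/bash
# Toggle the persistent SELinux mode in /etc/selinux/config:
#   getenforce reports "Disabled"  -> write SELINUX=enforcing
#   anything else                  -> write SELINUX=disabled
# Only the config file is edited; the running mode reported by getenforce is
# not changed by this script, and the file is read again at the next boot.
# NOTE(review): SELINUX=disabled turns mandatory access control off entirely;
# SELINUX=permissive keeps policy loaded and still logs denials, which is
# usually the safer setting while troubleshooting.

# Stop if the current mode cannot be read. Otherwise an empty $status would
# fall into the else branch and disable SELinux on a host whose state is unknown.
status=$(getenforce) || {
  echo "getenforce failed; leaving /etc/selinux/config unchanged" >&2
  exit 1
}

# getenforce prints Enforcing, Permissive or Disabled (capitalised).
if [ "$status" == "Disabled" ]; then
  echo "disable,"
  # NOTE(review): files created while SELinux was disabled carry no labels;
  # expect a filesystem relabel on the first boot back into enforcing mode.
  sed -ri 's/^(SELINUX=).*$/\1enforcing/' /etc/selinux/config
else
  echo "not disable"
  sed -ri 's/^(SELINUX=).*$/\1disabled/' /etc/selinux/config
fi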
2、統計/etc/fstab文件中每個文件系統類型出現的次數
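# Count how often each filesystem type (third field) occurs in /etc/fstab.
# Comment lines (indented ones too), blank lines and entries with fewer than
# three fields are skipped so they do not show up as an empty "type".
awk '!/^[[:space:]]*(#|$)/ && NF >= 3 { print $3 }' /etc/fstab | sort | uniq -c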
3、提取出字符串Yd$C@M05MB%9&Bdh7dq+YVixp3vpw中的所有數字
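# Print every digit of the sample string, one per line.
# Single quotes keep "$C" and "&" literal; inside double quotes the shell
# would expand $C (normally to nothing) and silently alter the input.
# The "&" after "%9" is restored from the task statement above.
# The pattern is quoted so a file named with a single digit in the current
# directory cannot be substituted for it by pathname expansion.
printf '%s\n' 'Yd$C@M05MB%9&Bdh7dq+YVixp3vpw' | grep -o '[0-9]'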
4、解決DOS攻擊生產案例:根據web日志或者網絡連接數,監控當某個IP并發連接數或者短時內PV達到100,即調用防火墻命令封掉對應的IP,監控頻率每隔5分鐘。防火墻命令為:iptables -A INPUT -s IP -j REJECT
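#!/bin/bash
# Every 5 minutes, count ESTABLISHED connections per remote IPv4 address as
# reported by netstat and insert an iptables DROP rule for any address that
# holds 100 or more. Each newly blocked address is appended to drop_list.log
# in the current working directory.
#
# NOTE(review): netstat lists outbound connections as well, so a busy
# upstream (database, reverse proxy, NAT gateway) can cross the threshold;
# consider an allowlist of trusted peers before the iptables call.
# NOTE(review): rules are inserted at the top of INPUT (-I) with DROP, not
# appended with REJECT as in the task statement; -I takes effect even when an
# earlier ACCEPT rule exists. Rules are never removed and are not persisted
# across reboots by this script.
while true
do
  # -F '[: ]+' splits "addr:port" columns, so field 6 is the foreign address
  # for IPv4 rows. uniq -c then yields "<count> <ip>" pairs.
  netstat -an | grep ESTABLISHED | awk -F '[: ]+' '{print $6}' | sort | uniq -c |
  while read -r count ip
  do
    # Only a numeric count and a dotted-quad address may reach iptables.
    # IPv6 rows split differently on ':' and are skipped here, not handled.
    [[ "$count" =~ ^[0-9]+$ ]] || continue
    [[ "$ip" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]] || continue

    # iptables -C checks for this exact rule; grepping the rule listing would
    # also match longer addresses (10.0.0.1 inside 10.0.0.10) and leave the
    # shorter one unblocked.
    if [ "$count" -ge 100 ] && ! iptables -C INPUT -s "$ip" -j DROP 2>/dev/null; then
      # Log only when the rule was actually inserted.
      iptables -I INPUT -s "$ip" -j DROP && echo "$ip is DROP" >> drop_list.log
    fi
  done
  # 300 s matches the 5-minute monitoring interval stated in the task.
  sleep 300
done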
`