把所有尝试爆破SSH的IP输出到 /www/secure.txt
grep "Failed password for invalid user" /var/log/secure | awk '{print $13}' | sort | uniq -c | sort -nr > /www/secure.txt
屏蔽这些IP
cat /var/log/secure |  grep "Failed password for invalid user" | awk '{print $13}' | sort | uniq -c | sort -n | tail -10 |awk '{print "sshd:"$2":deny"}' >> /etc/hosts.allow 

tail -20 /etc/hosts.allow