HOME
art gallery Linkedin Donations Our Recommendations
Login
Premium
Info
Vuln Fact Check Server Managment Links
SSH
Auth.log Debug DNS key share Cheatpapper
Encryption
fido2 Twofish serpent .ssh/config cipher set sshd set cipher
Firewall
IP block list Fail2ban fail2ban Config SELinux SSH Proxy Jump
Tools
Mpiexec Rsync Mosh Glances SSHFS Tmate autossh XQuartz hashcat
VPN
SSH Tunneling Cloudflare Onion Network/Tor sshuttle SSH Proxy Reverse Tunnel SSH Tunnel ssh socksv5 proxy
Keys
CA Info Generate Ed25519 key Certificates keys CA & Host auth Backup Key OTP Hardware key SCP Trezor Ledger Nano X ch341a coldstorage
Tweaks
DNS BASH Zsh ssh client env sshd env config
Configfiles
sshd, Single Node. sshd, Firewall Single Node. sshd, Cloud Firewall Single Node. sshd, Firewall X11. Win 11 OpenSSH Server VMware ESXi Hardening. Dump Space

IP Block List

SSH honeypot / attacker IPs: This section references IPs observed in SSH brute-force activity. Using a centralized list like this helps keep firewalling simpler and more consistent across servers, since you can focus access rules around a smaller set of trusted sources while tracking known noisy/hostile IP ranges.

Source: https://github.com/SamJoan/pwlist

The repository contains collected data from SSH attack traffic (honeypot/brute-force attempts), including lists and groupings derived from attacker activity (e.g., by IP/client) that can be used as a reference for maintaining an IP block list.