
Re: How to push back against repeated login attempts?



On 2021-03-02 22:35, Noah Meyerhans wrote:
> > 2. In addition to fail2ban you can download a blocklist, and use that as
> >    well. I found this public blocklist with a script on how to
> >    automatically block the IPs on the list.
> >
> >    [2]https://gist.github.com/klepsydra/ecf975984b32b1c8291a
>
> +1 to using blocklists.  I have been using firehol blocklists in a few
> places for some time and been quite happy. https://github.com/firehol
> They aggregate IP lists from a number of different sources and make them
> available in a standard format for easy consumption.  You can pick and
> choose exactly which blocklists to deploy based on whatever criteria you
> come up with.
>
> You can choose to use firehol itself as your firewall framework, or not.
> I built a custom system that manages my firewall, so I can't speak to
> how well it works.  If you do deploy a blocklist, make sure you are
> keeping its content up-to-date so you don't end up miscategorizing
> incoming traffic.  Some of the blocklists are pretty stable and don't
> change much, but others change hourly.

Thanks for the tip on FireHOL, and all their block lists. I was using just the blocklist.de list and updating it nightly. It looks like I should be able to get better coverage by using more block lists.

You say that you chose not to use FireHOL itself, but instead chose to roll your own. Could I ask why? Are there problems or downsides to FireHOL?

Thanks.

--
David Pottage
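
An added example, not code from this thread or from the FireHOL project: one way to merge several downloaded blocklists into a single ipset and refresh it atomically, so that a stale or failed update never leaves the firewall with an empty or half-loaded set. It assumes list files with one IPv4 address or CIDR per line and `#` comments, and output piped to `ipset -exist restore`; the set name, sample lists and protected ranges are constructed.

```python
import ipaddress

# Constructed sample lists; one IPv4 address or CIDR per line, '#' starts a comment.
LIST_A = "# constructed list A\n198.51.100.7\n203.0.113.0/25\n10.1.2.3\nnot-an-ip\n"
LIST_B = "# constructed list B\n203.0.113.128/25\n198.51.100.7\n192.0.2.44\n"
# Ranges that must never be blocked: RFC 1918, loopback, and a constructed admin address.
PROTECTED = [ipaddress.IPv4Network(n) for n in
             ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "192.0.2.44/32")]

def parse_list(text):
    """Return (networks, rejected_lines) for one blocklist file."""
    nets, rejected = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            nets.append(ipaddress.IPv4Network(line, strict=False))
        except ValueError:
            rejected.append(raw)  # keep for logging; never load garbage into the set
    return nets, rejected

def carve(net, protected):
    """Remove every protected range from net and return what is left."""
    remaining = [net]
    for p in protected:
        kept = []
        for n in remaining:
            if not n.overlaps(p):
                kept.append(n)
            elif p != n and p.subnet_of(n):
                kept.extend(n.address_exclude(p))
            # otherwise n lies entirely inside p and is dropped
        remaining = kept
    return remaining

def build_restore(lists, protected=PROTECTED, set_name="blocklist", maxelem=131072):
    """Merge lists and return (networks, lines for `ipset -exist restore`)."""
    nets = [c for text in lists for n in parse_list(text)[0] for c in carve(n, protected)]
    merged = list(ipaddress.collapse_addresses(nets))  # de-duplicates and joins neighbours
    if not merged or len(merged) > maxelem:
        raise ValueError("refusing to swap in an empty or oversized set")
    tmp, opts = set_name + "-tmp", f"hash:net family inet maxelem {maxelem}"
    lines = [f"create {set_name} {opts}", f"create {tmp} {opts}", f"flush {tmp}"]
    lines += [f"add {tmp} {n}" for n in merged]
    return merged, lines + [f"swap {tmp} {set_name}", f"destroy {tmp}"]

if __name__ == "__main__":
    print("\n".join(build_restore([LIST_A, LIST_B])[1]))
```

The firewall rule that matches the set stays in place across updates; only the set contents are swapped.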

