HPCsec threat exchange
Where we share some of our operational cyber threat intelligence relating to high performance computer systems
Latest known bad SSH IPs: sshbrute-latest.txt - a list of IPs known to be targeting internet facing SSH servers (refreshes automatically every hour, rolling 30 day list)
Known bad SSH keys: bad-ssh-keys_pub.txt - a list SSH keys used by botnets and various generic actors, does not include keys from targeted attacks (refreshes ad-hoc)
Hosts distributing Linux malware: linux-malware-distribution_IPs.txt - IPs distributing Linux malware (refreshes ad-hoc)
The data in these feeds is captured from the HPCsec sensor network. It is free to use for any purpose but comes with no warranties and you use it at your own risk
