There is no substitute for secure passwords AND key-authentication. That being said, Fail2Ban is a great tool for banning IPs of users who attempt to authenticate too many times. It's also available as a pre-built package for most distros. Be warned, you can accidentally get yourself banned, so make sure you have a recovery white-listed IP too or easy console access...
Fail2Ban has several good examples of how-to configure everything you asked... it does not however, have a universal repository of bad addresses. I don't think there is such a repository anyplace due to the ease of getting another IP (dhcp renew/bot-net attacks/etc...). I would also disable logging in via ssh using common 'administrator' type usernames (root/admin/administrator/sysop/etc..) as these are the most commonly banged on.