The joys of maintaining your own server (medium.com/mockadillo)
30 points by lnenad on Jan 11, 2020 | 10 comments


Well yeah, the internet is full of bots scanning for vulnerabilities, nothing new here. Am I missing the point of this post?


Hey there, sorry if the point isn't clear, but, at least in my experience, the situation was different 10 years ago: there weren't as many bots, and you had to be guilty of success before being targeted. Nowadays all you need to do to be a target for bots is to exist.


Not really a new situation.

Unpatched builds of Windows NT server or Windows XP desktop turned on with a public IP would be ‘owned’ in about 30 seconds > 15 years ago.

Basically, before the botnets come the worms:

https://en.wikipedia.org/wiki/Computer_worm


What did you do such that we could trust your take?


I have been working on web projects for the last ~15 years.


If it's known for 10 years and not repeated, imagine how many people could benefit from hearing it for the first time (or, since it's useful to hear this 5 times, how many still need 4 more times).


I've run a home server as a remote programming environment for a year now and I've never bothered to look at the logs. It was cool to see. While it's obvious to ppl who have used tech for years, with YouTube and how easy it is to pick up programming and start a simple Raspberry Pi project, there's lots of new ppl to this field who just aren't aware that their home network is being queried constantly.


The number of unauthorized SSH attempts will also very much depend on your IP address.

I've hosted my own SSH server at home and from a university dorm room. At university, I'd get way more attacks (usually from foreign IPs) than at home. Also, on IPv6-only, I got zero attacks. I run everything behind a WireGuard VPN now, so I don't know how things have changed in the past few years.

It would be interesting to see an analysis of attempts based on IP address type (residential, business, various universities, various clouds). How does the number of attacks compare within and between these categories? Perhaps there could be a cool graphic with arrows (or some other indicator) showing where attacks are coming from and targeting.


If you change the SSH port, be sure to tell fail2ban about that. ;)
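
The mismatch the fail2ban comment above warns about, as an added example that is not part of the thread: a small check that compares the `Port` directives in `sshd_config` with the `port` setting of fail2ban's `[sshd]` jail. The sample configs are constructed, the function names are hypothetical, and it assumes a jail without its own `port` line falls back to `ssh` (22) and that a jail is off unless `enabled = true` is set.

```python
import configparser

# Service names a jail may use in "port"; kept inline so the check runs offline.
SERVICE_PORTS = {"ssh": 22}

def sshd_ports(sshd_config_text):
    """Ports sshd listens on according to its Port directives (default 22)."""
    ports = set()
    for line in sshd_config_text.splitlines():
        parts = line.split("#", 1)[0].replace("=", " ").split()
        if len(parts) >= 2 and parts[0].lower() == "port" and parts[1].isdigit():
            ports.add(int(parts[1]))
    return ports or {22}

def jail_ports(jail_text, jail="sshd"):
    """Ports the given fail2ban jail bans on; empty if the jail is not enabled."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(jail_text)
    if not cp.has_section(jail):
        return set()
    if not cp.getboolean(jail, "enabled", fallback=False):  # assumption: off by default
        return set()
    raw = cp.get(jail, "port", fallback="ssh")  # assumption: default is "ssh"
    ports = set()
    for item in raw.split(","):
        item = item.strip().lower()
        if item.isdigit():
            ports.add(int(item))
        elif item in SERVICE_PORTS:
            ports.add(SERVICE_PORTS[item])
    return ports

def uncovered_ports(sshd_config_text, jail_text):
    """sshd ports that fail2ban would not block for a banned address."""
    return sorted(sshd_ports(sshd_config_text) - jail_ports(jail_text))

# Constructed sample input: sshd moved to 2222, jail.local before and after the fix.
SSHD_CONFIG = "#Port 22\nPort 2222\nPermitRootLogin no\n"
JAIL_STALE = "[sshd]\nenabled = true\n"
JAIL_FIXED = "[sshd]\nenabled = true\nport = 2222\n"

if __name__ == "__main__":
    print("stale jail, uncovered:", uncovered_ports(SSHD_CONFIG, JAIL_STALE))
    print("fixed jail, uncovered:", uncovered_ports(SSHD_CONFIG, JAIL_FIXED))
```
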


I had enabled the port forwarding on my home router for 5 hours, so I could get into my home server. I saw exactly the same log pattern on my server’s ssh logs.



