Analyzing SSH Brute Force Attempts

I've been using SSH Guard for years to block brute force SSH login attempts against my home network's gateway and have been logging connection attempts to a database. 1270 unique hosts have been tracked (since the last time the database was cleared).

Informal analysis in the past has shown some pretty ridiculous traffic, whole netblocks have systematically attempted logins. Moving to the next sequential IP address when the current one was blocked (not even switching randomly to a new one).

Recent Hosts

Hosts that have been recently seen attempting to brute force SSH logins.
LocationIPCount
πŸ‡¨πŸ‡³ China, Nanjing 218.92.0.173 Revisit
πŸ‡¨πŸ‡³ China, Nanjing 218.92.0.186 Revisit
πŸ‡¨πŸ‡³ China, Hefei 58.242.82.12 Revisit
πŸ‡¨πŸ‡³ China, Beijing 119.18.193.65 New!
πŸ‡¨πŸ‡³ China, Nanjing 218.92.0.132 Revisit
πŸ‡¨πŸ‡³ China, Nanjing 218.92.1.130 Revisit
πŸ‡¨πŸ‡³ China, Hefei 58.242.82.4 Revisit
πŸ‡ΊπŸ‡Έ United States, Boydton 138.91.124.232 New!
πŸ‡»πŸ‡³ Vietnam, Hanoi 117.0.35.153 New!
πŸ‡ΊπŸ‡Έ United States, Los Angeles 192.145.239.51 New!

Attempts over Time