Too Long; Didn't Read
A Honeypot Experiment Shows How long will it take before such a system will be compromised? To find out, I deployed the Cowrie SSH honeypot on an Amazon EC2 instance, with the mocked ssh service on port 2222 directly reachable from the Internet. The amount of connection attempts was over 3,600 during these five days, originating from 37 different source addresses. The map below shows the location of the source addresses, according to ipstack. Several commonly used username/password combinations are granting access.