I was inspired by the Mailinator Spam Map to do something similar with attempts to break into my server.
I’ve been using a tool called DenyHosts to monitor the logs and block any IP addresses from which someone attempts to mount a brute-force SSH attack—something that happens disturbingly often. Being a person who hates to see data pile up without being analysed, I thought that it would be interesting to see how these attackers are distributed geographically.
It’s worth noting that the pins on the map don’t indicate malicious intent per se: these attacks tend to be mounted from already-compromised hosts. Thus, it’s more an indication of poor server administration than anything else. The results also support the widely-held view that China and South Korea have a particular problem with poorly-secured servers.