Hacker News

This story reminds me of the time I accidentally/naively set up an ssh honeypot when I configured the router I was using at the time (this was a long time ago) to forward incoming SSH connections to a ReadyNAS (which was using a Sun SPARC processor) in my house. I did that so I could log into it while I was away from my house. One day, I ssh'ed in and noticed that the ReadyNAS was running very slowly, which surprised me because I thought it was idle. I checked the CPU usage and the sshd was using 100%. First, I thought it was a bug, but it occurred to me I should check my incoming ssh connection attempts in my router log. Turns out there were a ton of ssh connection attempts coming from an IP address assigned to China. In response, I changed the router port forwarding for incoming ssh connections to use a non-standard port number, like 55,243, and after that my ReadyNAS was no longer bombarded with ssh connection attempts. Lesson: try to avoid forwarding standard port numbers.

