|Login Attempts||IP Address||Country|
Remember that the country doesn't actually mean anything. These could be proxies, tor, hacked servers, etc.
The top usernames and passwords are not very surprising.
|Tries||Username / Password|
Probably the most interesting thing is that the first attack was that the first attack was trying some sort of buffer-overflow. Although they were connecting to SSH and sending (weird) user/pass combinations, after the connection was rejected they were sending really long strings. I suspect it is some sort of honeypot detection, or it exploits certain versions of SSH? Not sure.
Anyway, for a 1 hour project it is easy and interesting. Definitely something that students could do in an afternoon.