NOTE: Updated 11/15/2016
Unusually so, actually. Some of the methods may be working. Attack vectors cycle through periodically, some brute forcing the root, some brute forcing non-existent accounts. I still haven't figured out how to trap the password strings coming in on the brute forcing. Majority of attacks last week from CN, then US.
The activity has changed to the on-line servers, where I occasionally get DOS attacks. The GoDaddy servers throttle down if they sense one going on, but sometimes mistake valid activity for a DOS attack. All that takes latency to a 3-7 second level, which is OK as long as it stays on the lower end.
A new tool that I'm learning is Metasploit. An excellent penetration testing tool, but with a fairly steep learning curve. Maybe one of these days I'll make enough money to buy the pro version…