About 5 years ago I opened a port to run a test.

Within hours it was getting hammered (probably by scripts) trying to figure out what that port was forwarded to, and trying to connect.

I closed the port about a week later, but not before that poor consumer router was overwhelmed with the hits.

I closed the port after a week. For the next 2 years I’d get hammered with scans occasionally.

There are tools out there continually looking for open ports, they probably get added to a database and hackers/script kiddies, whoever, will try to get in.

Whats interesting is I did the same thing around 2000 with a DSL connection (which was very much a static address) and it wasn’t an issue even though there were fewer always-on consume connections.