I've now asked my ISP if they can think of anything that might provide an explanation for what I'm observing but the only thing suggested was that some of the Internet indicator activity might be due to the router's 'keep alive' feature, which is where the router from time to time sends one or more packets in the direction of the Internet during idle periods which effectively say, "this is confirming that I'm still here and so please keep the connection going." But apparently these wouldn't be being sent all the time in the idle situations. Whether or not 'keep alive' signalling actually stretches beyond the exchange and right back to the ISP's network I'm not sure myself; my guess is that it wouldn't, and so wouldn't stimulate the Internet indicator.
My ISP has offered to give me an alternative IP if I wish, but if the problem in hand has arisen through being given an IP that'd previously been hammered and maybe exploited, then what's to say that any new IP might also have had a dubious history, perhaps worse than my present one?
I've had a look in my router's logs. In the system log I found the usual succession of somewhat cryptic messages, but nothing that looked suspicious to me. The security log was a different story - it had absolutely nothing in it - which I reckon is mighty odd. (I did clear both logs about 2 days ago, though).
As for shodan, I've had a brief look at the site. Can you vouch for the site's general integrity? I mean, have you used it yourself in the manner you suggested and, if so, how did you deal with the obvious issue that you'd be doing the one thing you'd never normally dream of ever doing - publishing, or at least leaving, your IP address on a website (regardless of whether it might be publicly viewable)? But there again, isn't someone's IP address quite easily determined from a Who Is- type lookup of their e-mail address?
Perhaps, in my old age, I'm just getting paranoid about Internet security?
Edited by meditator (Tue 07-Mar-17 00:12:39)