I think my home network may be compromised, please advise
When I go to iknowwhatyoudownload.com, a bunch of stuff shows up for my IP that’s definitely not being downloaded by anyone in my house (foreign language torrents). Aside from that my router (AT&T Arris BGW210) needs to be restarted about once a week, due to some kind of DHCP issue. The most recent event seemed bad - none of my devices had internet, they could all talk to each other, and my ONT activity light was flickering steadily. During this time I had no access to the router, even plugged in directly to LAN. Fixed by a restart but no idea what was going on.
The DHT torrent thing has been happening for months and the router thing could just be that AT&T sucks. I have no other evidence that something is wrong.
I could buy a firewall and put it downstream of the AT&T equipment.
I could switch internet providers, get a new IP address and router, and see if that fixes it.
Should I try to figure out what’s going on or just keep restarting the router once a week and ignore the DHT hits from my static IP?
I didn't know that site. It shows my IP being in a different country from either where I actually am or where I say I am. It's laden with trackers from Google, Twitter, and Bootstrap. uBlock Origin blocked that garbage.
Trying it two times it changed continents (I have not). Seems like bs to me.
Mine was accurate in terms of IP, network, etc (I checked on my phone's data plan), but the torrents made no sense. I clicked on one and it had a list of IPs, and none were associated with mine.
I'm guessing it's all made up nonsense, outside the IP address itself. Granted, it's possible people are torrenting large files on my carrier's data plan, I just don't think it's likely so much has been downloaded in the last day or so with this IP.
Your site looks more reasonable, OP's looks kinda sketchy.
I know what my public IP is, and it's static, and listed correctly on IKWYD. The premise of the site is that torrent magnet links use distributed hash tables (DHT), which gives a public list of IP addresses who have participated in a particular torrent. Given that I have a static IP address, I'm not sure how it would be possible for my IP to show up, unless somebody is using my router as a proxy.
The DHT is what the torrent client uses to connect to peers. Any invalid IP entry should make that peer unreachable. But maybe some clients have a way to start a download connection, while providing a false IP for the upload connection. I’m not sure how it works exactly.
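As an added example (not written by any poster in this thread): one way to check from the LAN side whether a device is taking part in the DHT discussed above is to look for BitTorrent DHT (BEP 5 KRPC) queries in outbound UDP payloads. The sketch assumes the payloads have already been extracted from a capture as `(source IP, payload)` pairs; the `192.168.1.` prefix, the function names and the sample packets are constructed for illustration.

```python
# Added example: flag LAN hosts that send BitTorrent DHT (BEP 5 KRPC) queries.
# SAMPLE is constructed data, not captured from any real network.

def bdecode(data, i=0):
    """Minimal bencode decoder; returns (value, next_index)."""
    c = data[i:i + 1]
    if c == b"i":                                  # integer: i<digits>e
        end = data.index(b"e", i)
        return int(data[i + 1:end]), end + 1
    if c in (b"l", b"d"):                          # list or dict, closed by 'e'
        i += 1
        items = []
        while data[i:i + 1] != b"e":
            v, i = bdecode(data, i)
            items.append(v)
        if c == b"l":
            return items, i + 1
        return dict(zip(items[0::2], items[1::2])), i + 1
    if c.isdigit():                                # byte string: <len>:<bytes>
        colon = data.index(b":", i)
        n = int(data[i:colon])
        return data[colon + 1:colon + 1 + n], colon + 1 + n
    raise ValueError("not bencode")

DHT_QUERIES = {b"ping", b"find_node", b"get_peers", b"announce_peer"}

def dht_query(payload):
    """Return the KRPC query name if payload is a DHT query, else None."""
    try:
        msg, _ = bdecode(payload)
    except (ValueError, TypeError, RecursionError):
        return None                                # DNS, NTP, QUIC, junk...
    q = msg.get(b"q") if isinstance(msg, dict) else None
    if isinstance(q, bytes) and msg.get(b"y") == b"q" and q in DHT_QUERIES:
        return q.decode()
    return None

def dht_sources(packets, lan_prefix="192.168.1."):  # prefix is an assumption
    """Map each LAN source IP to the set of DHT query types it sent."""
    seen = {}
    for src, payload in packets:
        name = dht_query(payload)
        if name and src.startswith(lan_prefix):
            seen.setdefault(src, set()).add(name)
    return seen

SAMPLE = [  # (source IP, UDP payload), all constructed
    ("192.168.1.23", b"d1:ad2:id20:abcdefghij01234567899:info_hash20:mnopqrstuvwxyz123456e1:q9:get_peers1:t2:aa1:y1:qe"),
    ("192.168.1.23", b"d1:ad2:id20:abcdefghij012345678912:implied_porti1e9:info_hash20:mnopqrstuvwxyz1234564:porti6881e5:token8:aoeusnthe1:q13:announce_peer1:t2:aa1:y1:qe"),
    ("192.168.1.40", b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"),  # DNS-like bytes
    ("203.0.113.9", b"d1:rd2:id20:mnopqrstuvwxyz123456e1:t2:aa1:y1:re"),  # inbound response
]

if __name__ == "__main__":
    print(dht_sources(SAMPLE))
```

An empty result over a capture spanning the period when new entries appear for the IP means no host behind the router was sending DHT queries during that window; a non-empty one names the device to inspect.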