How to detect and get rid of bots on my home network?
So I just checked my IPv4 address at Am I Hacked?, a service that lets you know how many times your IP address has tried to connect to their honeypots. I sorted the results by date and made a bar graph.
I'm not 100% certain that this data actually represents connection attempts from my home network because we have a dynamic IP address. It is worth noting that my ISP has not contacted me, which suggests that they have not detected significant suspicious activity.
My first instinct is to try and identify which device(s) on my network might be infected. I don't think my router supports any kind of activity logging, so that means examining every device.
Our Windows computers have Norton antivirus and firewall software, provided free by our ISP.
Our Linux computers run GUFW for firewalls and do nightly antivirus scans with ClamAV.
Our phones and tablets (running Android and iOS) have no antimalware software that I know of.
We also have various other internet-of-insecure-things devices.
Also, my router (a mid-2009 Apple Airport Extreme) is going to be replaced soon with the far more capable Turris Omnia.