The trial replacement, Agentium's Outpost, didn't report any unusual outgoing traffic either but soon had me screaming at it: it'd usually let Opera see the web on every account except my 'user' one - my 'admin' account and everyone else's 'user' one, yes, my user one no. Sometimes, just to annoy me, it'd change its mind about that and allow it... for about 30 minutes. It got uninstalled quickly.
So... try Zone Alarm Pro, and password protect the 'close down' commands. Nope, it'd still close itself down.
Combined with the problems inherent in trying to connect L12's PC to the net via mine using a cable just too big to fit through the hole in the wall, and it was time to bite the bullet and get a router. A wireless one, for L12's PC and any laptop I may end up with.
And it looks like the wired bits (my PC to it, it to the modem box) work. Once I made the modem accept that something had changed on this side of it by power cycling it, anyway.
Its logs do confirm again just how often anyone on the net gets port scanned. Do other people just accept this, or do you see which port(s) are being attacked, make a guess as to which exploit the other end fell prey to and send a suitable something back?
Tomorrow... wireless. Fingers crossed.
Any tips? Stop unknown MACs connecting, use the better WPA encryption, get the router to hide the network's name... anything else?