Last week I got an email from the abuse department of my ISP. Their automated message said that there is a service with an exploitable vulnerability running on "one of my devices". Apparently it was SSDP - the Simple Service Discovery Protocol, which can be used to facilitate a DDoS attack.
Their system found that this SSDP service was available on UDP port 32788.
This could be one of the users of my shell server violating the terms of service, or it could be unrelated to the shell server altogether. I tried to log into my modem, and found that the administrative web page would not load. Even though the Internet connection was up, this part of my modem was down. So I power cycled the modem.