Did I participate in the recent DDoS attacks on Dyn's DNS service?
Knowing after the fact can be a bit difficult if you are not actively monitoring your network traffic. But there are some things you can do now to determine if you were at risk of being a participant and to mitigate against future participation.
As has been mentioned in a number of places, if your WAN router/bridge/cablemodem/firewall has uPnP turned on, you've definitely opened up your local network to risk. You should turn this off.
For your various devices, if you've left the default administrator password set, you've left yourself open. Change this.
Make sure the firmware on your devices is up to date and expect further updates to come out in the near future.
If you have devices that don't need to communicate on the Internet to "call home," then block them from doing such things; don't give them a default route, add firewall rules, etc.
By most accounts, CCTV (e.g. web cams) were the primary devices infected and utilized. If you have such a device and a list of know offenders can be found here (https://krebsonsecurity.com/2016/10/who-makes-the-iot-things-under-attack/), you might consider taking some action.
Identifying this can be a little difficult, but possible.
Identify the devices in your network
This might sound trivial, but you might be surprised to see some rogue devices you may have even forgotten after connecting it to the router. Check your router logs, connected devices and even do an nmap sweep on the local network and find all the active devices.
Identify the management interfaces
Identify the administrative interfaces for all these devices. Since our focus is on IoT devices, do this step for devices including TVs, refrigerators, IP cams, etc.
Verify whether the access to management interface is restricted.
You might be managing your IP cam using a web application, but it is likely that it may also have an interface which accepts SSH or Telnet connections. Identify these ports and services and make sure that they are not accessible remotely. In other words, make sure that IP forwarding or methods to bypass the NAT are not enabled.
If the devices are IPv6-enabled, a firewall restriction or an authentication challenge must restrict them from being remotely taken over.
Make sure weak passwords, default user accounts and known backdoors are disabled on all externally accessible interfaces.
IP cams are infamous for these kind of issues.
In short, there is no sweet way of identifying whether you were a part of the group which took down a portion of the internet, but there are still ways to stop that from happening again.
The source code of the malware is public, so you can read it and attempt to manually compromise your device using the same exploit as the malware. If you succeed there's a good chance your device was already taking part in the attacks before.
It's not foolproof of course (the malware may be designed by someone smart enough to plug the hole after he gets control of the device) but it's worth a try.