OK here are a few general ideas:

1. Change the password(s) and make them over 15 characters, and complex.
2. Disable the LM hash password support (your friends will have to use Windows 2000 or XP).
3. Update all your software, particularly your operating system.
4. Check your firewall rules. If your friends have static IP addresses then it should be relatively simple to allow them only. If not, then at least try to restrict access to the IP blocks assigned to their ISP.
5. Check your system for trojans and rootkits.
6. Consider data encryption............I don't know what your "accounts" give access to?

I won't bother with the traffic monitoring and IDS stuff, as there are people far more qualified that myself here to do that.

Is your machine physically secure, or can others access it without supervision?

Do you leave your machine turned on and connected to the internet when it is not being used?