The good news is this – we’re now up to 30 subscribers on the neighborhood wifi.

With an average of 1.75 users online at any given moment:

I’ve also started working on writing a Netflow analyzer application, based off a similar application I wrote for work.  At the current time, this version  only streams real-time connection endpoints and DNS statistics (last resolved sites, most resolved sites), as well as detects TCP SYN scans. Each flow record is also colorized (similar to what you would see in Wireshark), to further categorize the type of connection.

Instead of calling the gethostbyaddr() function on a destination IP  (which simply pulls a PTR record, and in the world of vhosts is a poor representation of where a user is actually connecting),  subscriber DNS queries are syslogged offsite and parsed.  The Netflow Live application I’m building uses those parsed and stored queries to give a fairly accurate determination of what site is being visited when.

Visited URLs could also be determined and logged  if a transparent Squid proxy was utilized on the Access Points. I have NO intention of doing this, however. I’m only concerned with endpoints and protocols being used. The number one protocol in use on the network:  HTTP (Shocking!)

For those of you unfamiliar with Netflow, it’s a solution put forth by Cisco for IP traffic profiling. The two main elements are an exporter (usually a router) and a collector (which the exporter sends flow data to). Netflow does not include data  payloads , ONLY a log of the endpoints used in each connection. (Think of it this way: When you make a long distance phone-call, you receive a monthly bill that details your phone number called another phone number at a specific time, for a specific duration. The phone company doesn’t actually have record of the conversation, however).

The data collected does include IP source and destination addresses, Transport layer source and destination ports, byte countes, packet counts, TCP flags, and MAC addresses. (Below is all the fields actually captured)

So what does this allow? Utilizing Netflow, I can determine subscribers on the network with certain network signatures for viruses, detect some DoS attacks and SYN scans, and graph the most commonly used protocols on the network.

I can also shape traffic based on determinations made by looking at the data. Is someone experiencing bad Skype calls due to someone streaming video over HTTP? I can use the netflow data to reshape things as needed.

So what’s in the works? Using NetGeo data, I plan on mapping connection endpoints on a US world map, allowing a visual display of where in the world most connections are destined.

But next up:  I  need to fix the  bug preventing a software reboot of the access points – hopefully I can get to that this weekend.

Update  6/9/2010:

Jake Wilson pointed out the free NetFlow analyzer Scrutinizer by Plixer. I’ve not had a chance to look it over yet – but check out this video about the product.  I first came across that video a month or two ago… it was like staring at the sun, initially I couldn’t tell if I liked it or not – but I watched it like 20 times that day.  GREAT work guys, catchy AND entertaining.

After attending the season ending of the Harrisburg Symphony Orchestra, grabbing a bite at Harrisburg’s best sushi joint (props to my other favorite though, which is much less expensive), and heading home, my girlfriend pointed out “there’s a HUGE ant in the corner by the front door.”

It was this time last year that my almost successful attempt at rearing an ant colony in a plaster-cast formicarium failed.  Since then, other projects have taken precedence, and all my equipment (test-tubes, tubing, home-made asperators, numerous containers, etc…) have been packed away in the basement). I immediately ran downstairs and grabbed out the first container and spool of tubing I could find.

I’m still not entirely sure what killed off the last colony –  only 2 ants hatched prior to them all being found dead.  There’s a couple likely possibilities: I fed them a few pieces of birdseed – learning later that some birdseed contains pesticide; there may have been a lack of oxygen in the formicarium (I was hoping the large amount of evaporating water would provide an ample amount of oxygen), the clay used to form the chambers in the formicarium possibly contained sulphur….

So, I’m picking up and starting all over. The gang at antfarm.yuku.com have put together a great forum on ant care, building formicariums, general tips – AND they do ant identifications.

After providing the pictures and a brief description – it appears this may be Camponotus Pennsylvanicus. (I believe that’s a carpenter ant). Not exactly the best thing to have in one’s house, but I’ve seen no visible wood damage anywhere.

Instead of re-using the former plaster-cast nest, I’m starting over. The plastic box is readily available at the local Michaels Arts and Crafts Store, I purchased 3 initially, so I have another one laying around. To form the chambers in your formicarium, you simply apply clay to the walls. After filling the enclosure with plaster of paris and allowing time for it to dry, you pull the cast out of the box and remove the clay.

My former nest (see the topmost  picture) had a drilled hole to allow for application of water at the base. The top portion (the lid) of the nest had a thermometer and humidity meter. I also had a connector tube allowing me to connect the formicarium to a food scavenging area. The nest itself had many wraparound tunnels going around each side.

My current plans are to keep the exact same idea, although use deeper chambers. Honestly, I couldn’t have been happier with the former nest, but I’d rather not risk the possibility of contamination.

I’ll post pictures of the new build in the coming week. In the meantime take a look at this video of ants farming aphids.