
For several years I have been using a Linksys WRT54G V1.1 wireless router with the official firmware attached to my cable modem. It has a built-in firewall but lacked any proper network intrusion detection system. It did have a rudimentary log which could be accessed via the web-page interface, but that was pretty much useless when trying to look for malicious activity such as denial of service attacks, port scans and attempts to crack into the network via vulnerabilities.
It always worried me as to what attempts were being made to get past the firewall on to my network. Some of my network PCs have software firewalls as a backup and alerts have been almost non-existent, but it still nagged away. Last year I toyed with taking an old PC and creating a Smoothwall firewall, because of the logging and the ability to install Snort, but I really couldn't justify the space and expense of having another PC on 24/7.
As I posted yesterday, I finally got the nerve up to install one of the numerous third-party replacement firmwares for the router, plumping for the Tomato variety!
One of the first things I noticed was the improved logging, which can be sent to an external PC running a monitoring/analysis program. The wikibooks page mentioned the WallWatcher software for Windows, so I downloaded and installed it, configured the router and lo and behold I was getting information about all those Chinese TCP/IP packets bombarding my router!
I have now signed up and installed the necessary client software to upload the logs to the SANS Institute Internet Storm Centre DShield system and the myNetWatchman system. These organisations use volunteers who submit their data to help detect problems and analyse threats, producing technical information and alerts for the general public.
The system works by having a network of hundreds or thousands of people from all over the world submitting information from their firewalls and intrusion detection systems about unwanted traffic arriving from the Internet. This data feeds the appropriate database, where the analysis looks for abnormal trends and behaviour. In the case of DShield the resulting analysis is posted to the ISC's main web page, where it can be retrieved automatically by simple scripts or viewed in near real time by any Internet user.
I really feel like I am doing something good, and of course it is fairly geeky! These are the 'attacked' ports from today!
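To show the kind of summary that WallWatcher or DShield builds from router logs like these, here is an added example (not code from the post, Tomato, WallWatcher or DShield) that tallies dropped packets per destination port from syslog lines. It assumes the router forwards iptables LOG-style lines (the `SRC=`, `PROTO=`, `DPT=` key=value fields); the sample lines below are constructed, not captured traffic.

```python
import re
from collections import Counter, defaultdict

# Key=value fields from the iptables LOG target, which is the format
# assumed here for what the Tomato firmware forwards over syslog.
FIELD_RE = re.compile(r"\b(SRC|DST|PROTO|SPT|DPT)=(\S+)")

# Constructed sample syslog lines (RFC 5737 test addresses), not real traffic.
SAMPLE_LOG = """\
Mar  3 09:12:01 tomato kernel: DROP IN=vlan1 OUT= SRC=192.0.2.10 DST=203.0.113.5 LEN=48 TTL=112 PROTO=TCP SPT=3456 DPT=445 SYN
Mar  3 09:12:07 tomato kernel: DROP IN=vlan1 OUT= SRC=192.0.2.11 DST=203.0.113.5 LEN=48 TTL=118 PROTO=TCP SPT=4020 DPT=445 SYN
Mar  3 09:12:09 tomato kernel: DROP IN=vlan1 OUT= SRC=192.0.2.10 DST=203.0.113.5 LEN=48 TTL=112 PROTO=TCP SPT=3457 DPT=135 SYN
Mar  3 09:12:15 tomato kernel: DROP IN=vlan1 OUT= SRC=198.51.100.7 DST=203.0.113.5 LEN=84 TTL=54 PROTO=ICMP TYPE=8 CODE=0
Mar  3 09:12:20 tomato kernel: DROP IN=vlan1 OUT= SRC=198.51.100.7 DST=203.0.113.5 LEN=404 TTL=54 PROTO=UDP SPT=1026 DPT=1434
Mar  3 09:13:00 tomato cron.info crond[123]: USER root pid 456 cmd run-parts
"""


def parse_line(line):
    """Return the firewall fields of one syslog line, or None if it is not a firewall drop
    with a destination port (ICMP has no DPT, and non-firewall lines are ignored)."""
    if "IN=" not in line or "SRC=" not in line:
        return None
    fields = dict(FIELD_RE.findall(line))
    if "DPT" not in fields or "PROTO" not in fields:
        return None
    return fields


def summarise(lines):
    """Count drops per (protocol, destination port) and the distinct sources hitting each."""
    hits = Counter()
    sources = defaultdict(set)
    for line in lines:
        fields = parse_line(line)
        if fields is None:
            continue
        key = (fields["PROTO"], int(fields["DPT"]))
        hits[key] += 1
        sources[key].add(fields["SRC"])
    return hits, sources


def top_ports(lines, n=5):
    """Return [(proto, port, drops, distinct_sources)] for the most-hit ports, like the
    'attacked ports' table: many distinct sources on one port suggests a broad scan."""
    hits, sources = summarise(lines)
    return [(proto, port, count, len(sources[(proto, port)]))
            for (proto, port), count in hits.most_common(n)]


if __name__ == "__main__":
    for proto, port, drops, srcs in top_ports(SAMPLE_LOG.splitlines()):
        print(f"{proto}/{port}: {drops} drops from {srcs} source(s)")
```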

Labels: dshield, ISC, myNetWatchman, NIDS, port scan, sans institute, security, social networking, WallWatcher, WRT54G