Been thinking lately I would like to continue learning Python by building something other than my Netscreen config parsers ( note: also helping me to get back to OO programming... )
So right now I am still thinking of my distributed gaming / network viz platform ( http://bsdosx.blogspot.com/2005/07/i-wish.html ) that turns close to all supported nodes in to both collectors, engines and viewing platforms. ( Would love to do touch-screen also a la: http://www.youtube.com/watch?v=iVI6xw9Zph8 , but that's Phase 2 :p )
Constituent parts thus far include VTK http://public.kitware.com/VTK/index.php , Twisted python http://twistedmatrix.com/trac/ , and a perhaps an ESM ( End System Multicast ) http://esm.cs.cmu.edu engine for scaling, congestion etc rather than relying upon network based multicast in heterogeneous environments.
Bittorrent to distribute updates, policy and new functionality. DNS as a common C&C ( Command and Control ) channel for a 'Nematoad' ( nematode ) new sub-domain. Maybe use the domain as a test with RFC 1918 IP address space to stay within yor enterprise borders ( Urk, 'cept for extranets and other examples of double/sinlge NAT that may impinge! ). Also maybe use intentional defects in the SOEs to replicate to valid hosts rather than actual exploits.
If anyone is aware of Australian courses offering 'Security Metrics' http://www.securitymetrics.org/ and Network Visualization I would be happy to hear from you!