Trying to work this out…

My wireless at home is semi-secured with 128 bit WEP, although the SSID is broadcast. I’m not fooling myself that it’s foolproof, just that it’s good enough to make most people go down the road to find easier pickings at some open node named ‘Linksys’. But recently I’ve “relied on the kindness of strangers” using people’s nodes that they’ve either left open through stupidity (like my sister-in-law’s neighbours with the ‘Linksys’ SSID and the default login to the Linksys administration page) or open through an intent to share their resources (like Steven Cherry). So I’m starting to wonder if I shouldn’t be returning the karma and have an open node myself.

But I’m worried about the implications of that. The first worry is that somebody could use my node to send out spam. I have enough trouble with my mail server being blocked by various RBLs that I don’t want to get on any more – I recently had problems because I was sending a lot of mail out through a friend’s relay, and he got listed in an RBL that I use myself, which caused all sorts of problems. But in actual fact, that’s pretty unlikely unless it was one of my neighbours.

The second worry is that by having strangers on my internal network, they’d get access to things that I probably don’t want them to have access to, like the NFS export of my /mp3s directory. I don’t want the hassle of having to harden some of the services I’ve currently got open to the 192.168.1.0/24 subnet. And there’s the related worry that they could snoop things like IMAP or POP between graphical email clients and the mail server. Personally, I ssh into the server and use mutt, but Vicki sometimes uses Mail.app and I think Laura uses Mail.app almost exclusively. I don’t know if Mail.app supports any sort of encrypted link, or if I could figure out how to support it on my Linux box. Not sure I’d want to.

So I’m wondering if what I need isn’t a configuration with two subnets, one open node for strangers to connect where they can reach the outside world but not my Linux box, and one secure node that once you’re in, you’ve got full access to the goodies? Maybe the open node should block outgoing connections to port 25 except for my ISP’s mail relay or something like that? The problem with that is that my current router/WAP isn’t capable enough to do that sort of filtering, and while I have a better router/WAP (a Linksys WRT54G) on order, I would prefer to use that for me, not for strangers.

Anybody have any suggestions?
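
The two-subnet layout asked about above, sketched as an added example (not the author's configuration): a shell function that prints an `iptables-restore` ruleset for a Linux-based router. Only 192.168.1.0/24 comes from the post; the guest subnet, the interface names and the relay address (a documentation-range placeholder) are assumptions.

```sh
#!/bin/sh
# Added example, not the author's configuration. Only 192.168.1.0/24 comes
# from the post; every other name and address below is an assumption.
TRUSTED_NET="192.168.1.0/24"  # internal subnet named in the post
GUEST_NET="192.168.2.0/24"    # assumed subnet for the open node
TRUSTED_IF="wlan0"            # assumed interface for the secured node
GUEST_IF="wlan1"              # assumed interface for the open node
WAN_IF="eth0"                 # assumed uplink interface
ISP_RELAY="203.0.113.25"      # placeholder for the ISP's mail relay

# Print an iptables-restore ruleset; rule order matters, first match wins.
guest_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Replies to connections that were already allowed
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
# The secured node keeps full access to the router and everything behind it
-A INPUT -i $TRUSTED_IF -s $TRUSTED_NET -j ACCEPT
-A FORWARD -i $TRUSTED_IF -s $TRUSTED_NET -j ACCEPT
# Guests may use the router for DHCP and DNS only
-A INPUT -i $GUEST_IF -p udp --dport 67 -j ACCEPT
-A INPUT -i $GUEST_IF -p udp --dport 53 -j ACCEPT
-A INPUT -i $GUEST_IF -p tcp --dport 53 -j ACCEPT
# Guests never reach the internal subnet (NFS export, IMAP, POP)
-A FORWARD -i $GUEST_IF -d $TRUSTED_NET -j DROP
# Guest SMTP: only to the ISP relay, any other port 25 traffic is refused
-A FORWARD -i $GUEST_IF -o $WAN_IF -p tcp -d $ISP_RELAY --dport 25 -j ACCEPT
-A FORWARD -i $GUEST_IF -p tcp --dport 25 -j REJECT --reject-with tcp-reset
# All other guest traffic may leave through the uplink only
-A FORWARD -i $GUEST_IF -o $WAN_IF -s $GUEST_NET -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o $WAN_IF -j MASQUERADE
COMMIT
EOF
}

guest_ruleset
```

After checking the interface names against the actual router, the printed rules can be loaded by piping them into `iptables-restore` as root.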

Good news, bad news, “meh” news.

First things first: The house is beautiful on the outside, and from the inside the breakfast nook and glassed-in porch are still everything I’ve ever wanted in a house. However, the inside reveals a tiny master bathroom, a tiny basement, a tiny garage, possibly bad plaster, and a bunch of things that make you think “I don’t want to spend a quarter of a million dollars on a fixer-upper.” So it looks like our conscience will be clear on passing this one up. Considering all the factors I mentioned yesterday, that’s probably a good thing.

Secondly: Today was my appointment with the rheumatologist, Dr. Tammi L. Shlotzhauer. She’s written a book on rheumatoid arthritis, but I was pretty sure I didn’t have that. Over 30 years of diagnosis attempts, I’ve got a pretty good handle on what I don’t have. Not so great a handle on what I do have, though.

Anyway, she listened to my story (or an abbreviated version thereof) and poked and prodded. She said “well, we don’t really have a name for what you have, but ‘degenerative arthritis’ is about as close as we can come.” Basically, as I’ve always suspected, I just have a very strong susceptibility to soft tissue injury. Anyway, she suggested that I try glucosamine and chondroitin. I’ve tried them before – I gave them a month, based on what some orienteering friends told me – but she says to give it 3 months, and to use a much higher dosage, and to keep using ibuprofen as needed for pain and inflammation. She also told me to do some quad lifts, something I’ve done before, but maybe in conjunction with the glucosamine it will do something. She’s also going to give my doctor a list of long term anti-inflammatories to try if the glucosamine doesn’t work. Well, I wasn’t expecting miracles, and I didn’t get miracles, but I got as good as I could hope for.