"What's the big deal?"
"I don't understand what the big deal is, really." She's getting frustrated - I can tell.
We're sitting at Denny's, and we've been here for a while. I've had more than a few cups of coffee. The ashtray's contents of seven little stubs serves as testimony that this conversation isn't going well. In truth, we've been here for far too long, discussing the same thing.
The problem is Jessica wants me to set her computer up through the cable modem to surf the internet. That wouldn't be a problem, except her favorite online activity is sharing mp3 files over IRC. We are pretty poor, so we can't afford a NAT device. This means that I would have to proxy the connection over to her from my Linux box using IP Masquerading. Again, this isn't too much of a problem, either. The problem comes from the obvious security holes that are presented when one runs a script to share files over IRC.
Sysadmins worth their salt have a certain sort of "Spidey Sense" about this. You can't help it. You're job is to provide the company that you happen to be working for with as secure a network as possible. IRC, as a rule, would be a small faux pas on a corporate network with sensitive data assessable through the connected computer. Running an Fserve on IRC from the same computer to share files on your hard disk is a major security concern - akin to asking any "3l337" 15-year old with a port scanner to see what sort of havoc he or she can wreak on your computer (and LAN) while you are away.
The same sense comes home - especially when you are setting up a home LAN to share a full-time internet connection.
Okay. Perhaps you, fellow noder, are thinking that Our Hero is being a tad paranoid about this whole thing. You may also be saying to yourself something along the lines of "Well, if he's so worried about security, perhaps he should do his best to run safeguards on the computer that does the NAT, so that there can be somewhat of a firewall in place." That's all well and good, but in doing that I would totally cripple Jessica's ability to run an fserve at all. By nature, IP Masquerading provides the basic security of only having one "Live IP Address" to deal with in the first place. Besides that, IP Masquerading is pretty transparent and "SIAFI" -- Set It And Forget It. That's one of the best things about it - once it's done, it's done. No worrying about things after the fact.
"So what's your point, Forest?"
It's quite simple, really. I don't have a problem with her running an fserve while she's using the computer - that is, she's not just leaving it to share files while she goes off to work, or off to bed, or whatever. I'm not worried about the five or six hours a day that she's going to actually be using the computer. My big concern is those times when she's not even there, meanwhile Mr. Fserve-script-for-mIRC -for-Windows-for-people-who-aren't-really-technically-savvy-in-the-first-place runs in the background. She's connected to IRC, of course, and there's some yutz there who's just dying to lay a real mean "Denial Of Service attack" on some unsuspecting IRCer, or worse. Just think about the legal ramifications (the last time I checked, actually possessing MP3 files on your hard disk wasn't exactly what one would refer to as "legal"). That nifty script she runs doesn't employ a ratio of any kind - if you want it, it's yours. It's not like Napster, or Audiogalaxy. With these services, you have more of a sense of anonymity. Your IP information isn't just a /whois query away. It's disheartening.
The resolution cometh...
Jessica's a great sport. She understands my concerns, even if she doesn't really understand all of the technical jargon. After a while (and a few cross looks from the waitress wondering when the hell we were going to leave) she agrees that she will only have the fserve open when she's home and awake. This cuts the online time of the fserve down from 24 to about 8 or so hours a day. I can live with this. It's called compromise, and it's one of the reasons that I have such a good relationship. Give a little - get a little. She considers her friends on IRC that she "trades" files with part of a little community that she can contribute to. Since I have found a certain "online database project" not too long ago, I can see what she means. It's important to do something on the computer that you feel you belong to. I can't fault her for it. If she's not in all day, it will give me a chance to monitor the network more closely for "trouble users" and take measures to ban them from the broadcast IP. We both feel better, and (oddly) closer with each other. I haven't realized it, but I've just given Jessica a crash-course in NAT. She's learned something, albeit serendipitously, and I feel better for teaching her something.
It's funny, but I find that all of our "issues" tend to end this way - a calm resolution that finds us both having learned something. This time, it was her that learned some new bit of technical knowledge, while I learned something (I believe) that is far more important:
No matter how much you know about tech, you can never learn enough about communicating with the person that you love.