This is a little off-topic, but I thought I would try it anyway.
We provide Internet access to 300 users enterprise-wide through our
frame-relay WAN connections and our firewall at our corporate headquarters.
Some users have decided to go out and get accounts with local ISPs and have
dial-up connections in Windows95 or Windows NT to these ISPs. How much of
a security risk does everyone think this may be? Since these users are
typically dynamically assigned an IP address when they log in to their ISP,
they then have TWO IP addresses on their system. One for the network card
and one for the dial-up PPP connection. Could an attacker use this
situation to attack our network? How likely is this?
We are trying to eradicate this from our network, but some of these users
are pretty stubborn.
Network System Engineer
MAPCO Coal, Inc.