Firewall for PPP Dial-outs?

Firewall for PPP Dial-outs?

Post by David Kieschnic » Tue, 20 Jan 1998 04:00:00

We have 50 Win95 PC's on a LAN, connecting to an NT server. We dial out
from desktops, through a Perle modem pool, to a local ISP. Internet
connection time is not enough that we need a dedicated line...we just
use PPP and POTS.

Currently, LAN protocols are NetBEUI and IPX. TCP/IP only runs bound to
the dial-up connection, not between PC's.

Do we need some kind of firewall? We have anti-virus software on PC's
and server. Only have the one server....mainly to run the SNA Server
connection to the AS400.

6 users get Email. We have no internal Email system, although that will
come next year.

I bought the Centri firewall, but it wants an InterNIC registered IP
address for the outgoing side...something we don't have since we're
assigned an address on PPP connection. And it wants to live on a
separate NT Server installation.

Seems like overkill.

Any suggestions would be appreciated.

Dave Kieschnick


1. SLIP/PPP Dial-up security

Hi all

I am a Systems/Network Administrator at a large aerospace company and one
of my duties is administration of our users dial-up internet accounts.  
The executive have recently asked me what security concerns there is in
regards to SLIP/PPP dial-up connections from computers hooked to our
local network and/or mainframe.

In discussions with people, I have come up with the possible security
risks being:
1)  If a ftp or telnet server is set up, it could be hacked.  This
although is not a problem here, as none of these services have been set
up on our end.
2)  If a user downloads a file that contains a virus.

Unfortunately, I can't find any documentation or papers confirming or
denying my findings.

I was wondering if anyone out there had any information about security
risks associated with SLIP/PPP dial-up internet access.  If you do, could
you please tell me where I could get this information.  

Thanks in advance.

Tony Bergen
Systems/Network Administrator

Bristol Aerospace Limited (Rolls Royce)

2. Micropolis: Defective Drive Manufacturers

3. Modems Pools ,Dial-in, Dial-out, Call back

4. I had to try it!

5. ZA and intermittent broadband cut-outs

6. as close to cable as i can get

7. Accout Lock outs

8. StarWriter

9. ssh time outs

10. Private chat over PPP through firewall possible?

11. blocking dialup PPP access behind firewall

12. NT40 <-> PPP <-> Internet : Does I need a Firewall?