Hi

Our office has several staff who "link in" from home. They connect via their router and ISDN link (basically a PPP setup) directly onto our DMZ and then our firewall allows them to access various features on the network - eg mail and the several of the applications that run on various servers(firewall rules using specific IP addresses and ports in an attempt to tie things down as tightly as possible) . This I am happy with as their PC's are not connected to anything else.

However it has been brought to my attention that one person has created a home lan, whereby their PC (which they use to connect to our office network) is also connected locally to his home lan, along with his kids PC's. Now this home lan also has access to the Internet - and no firewall or Virus protection. I was informed that they thought this would be OK as the PC that links to the office is using one class C address, whilst the kids PC's are using a different class. I am concerned that if one of the Kids PC's gets compromised via the internet then the hacker could by whatever means get onto the trusted PC and then onto our office network.

Am I being paranoid or have I a good reason for concern.