X400/X25 link on a TCP/IP connected NT Exchange server

[Ellis Luk <e_luk () hotmail com>]

Can someone shed some light on the potential risk for allowing a
local Telco service provider to connect to an TCP/IP connected NT
Exchange server using X25/X400 (ie the NT server will have a X25 card
connected to the service provider and the NT server "suppose" to only
send X400 messages out through that link.)

Most of my experience is around TCP/IP, so I am not aware of any
security product/firewall for X400 service (over a X25 link, not
TCP/IP). I searched the WEB to see if there is any info both X400,
but not much can be found :-(

Some questions in my mind are:
- Is it possible for someone to stuff TCP/IP packets through the X25
link and fool the NT server to route it to the IP network (assume
that the X25 card on the NT is NOT configured to run TCP/IP
services)??

- Is there any buffer overflow bug for the NT X400 connector service ?

- Would the risk be reduced if the X25 link is not directly connected
to the NT server, but go through a security device first ? (Is such
security device exist ??)

Thanks.

--
Ellis Luk


______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com