We are trying to understand the security risks
involved with using ADSM on our Intranet to back up
servers on the Extranet.  We are aware that
communications(currently) are not encrypted and are
initiated by the client machine to the ADSM server on
a selectable TCP port.  If we were to accept the
vulnerabilities to the data stream that these points
imply, we still need to know what danger there is to
the ADSM server (by platform) if an extranet server
(which is an ADSM client and has TCP access to the
ADSM server) gets compromised.  Possible problems
would be constructed malformed packets which cause the
ADSM service to panic and produce a command shell,
shut down the service (denial of service attack), etc.


Does anyone have any thoughts about this or know about
future capabilities in these areas?

Thanks in Advance.

_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com