Other than PPTP in NT 4.0, I'm not aware of NT tunneling anything on any
protocol. I think maybe your question is NetWare-specific.
As far as traditional TCP/IP hacks against NT, sure, it should not be
considered the be all and end all of security woes. NT introduces new
potential hack points with the registry being exposed through port 135
or potential NetBIOS hacks. If you use a poorly written Unix->NT port of
some Unix daemon, and they shell applications or commands, for example,
then it can be exploited.
NT doesn't explicitly deny the way an expensive Firewall does, so there
is one reason. Expensive Firewalls stay on top of emerging security
issues and new hack techniques, NT does a service pack once a quarter or
two. Expensive Firewalls produce logs and alerts based on suspicious or
rejected activity, NT has event loggers which report a number of things,
but not rejected packets (i.e. you wouldn't know that your NT box was
being interrogated with a port scanner).
Using IPX, or IPX tunneled in IP, introduces Obscurity, not Security. In
your example, if I am only interested in collecting data that is being
transmitted across your network, say, to intercept your latest formula
for Love Potion #9, then the fact that its IPX encapsulated in IP is
irrelevant, isn't it. I still get the data!
...eek, quick, someone give me some broken software, I'm suffering beta