Bugtraq mailing list archives

Re: Loopback and multi-homed routing flaw in TCP/IP stack.


From: Neil W Rickert <rickert+bt () CS NIU EDU>
Date: Mon, 5 Mar 2001 20:07:04 -0600

Woody <woody () THEBUNKER NET> wrote:

> We believe there to be a serious security flaw in the TCP/IP stack of
> several Unix-like operating systems. Whilst being "known" behavior on
> technical mailing lists, we feel that the implications of this
> "feature" are unexpected. Furthermore, not all platforms behave in the
> same way, which will obviously lead to invalid expectations.
>
> [detailed description snipped]

I am surprised to see this described as a flaw.  It is behavior I
have been relying on for some time.  Specifically, on my client
machines, I add a route to the alternate interface of my servers via
the direct interface of the same server.  This allows direct
connection to the server without relying on a router, regardless of
which IP address is used for the service.  For NFS clients, I
consider it important to be able to do this.

If there is a flaw, it is surely in the thinking of people who
mistakenly assumed that multi-homed systems would not behave so as to
allow this.

The original message states

> At the moment, any machine which has either:
>
> o       services running on the loopback interface
>
> o       two or more external interfaces
>
> must be configured, using a firewall, to drop IP packets arriving from
> the wrong network in order to be secure. This is commonly not the
> case.

This is surely an overstatement.  I expect that there are many
multi-homed servers which offer the same network services on each
interface.  There do not appear to be any security issues in such
cases.

 -NWR
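The behaviour the two posts disagree about, as an added example that is not code from either message: a small Python model of local delivery on a multi-homed host under the weak host model (any local address is accepted on any interface) and the strong host model (the address must belong to the arrival interface), the iptables rule set that Woody's message says such a host needs, and the client-side host route Neil describes. The interface names (lo, eth0, eth1) and the addresses are made up; the iptables and iproute2 syntax is real, but the rules are only rendered and simulated here, not applied.

```python
"""Weak-host vs strong-host delivery on a multi-homed host, plus the
compensating packet-filter rules.  Added example, not code from the
original thread; interface names and addresses are constructed."""
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Tuple

LOOPBACK_NET = ip_network("127.0.0.0/8")

# Constructed sample host (documentation/private ranges, assumed names):
# loopback, one external interface, one internal interface.
HOST_IFACES: Dict[str, List[str]] = {
    "lo":   ["127.0.0.1"],
    "eth0": ["203.0.113.10"],   # external interface
    "eth1": ["10.0.0.10"],      # internal interface, e.g. the NFS side
}


def owner_interface(ifaces: Dict[str, List[str]], dst: str) -> Optional[str]:
    """Interface that owns destination dst, or None if dst is not local.
    All of 127/8 belongs to lo, not only 127.0.0.1."""
    addr = ip_address(dst)
    if addr in LOOPBACK_NET:
        return "lo" if "lo" in ifaces else None
    for name, addrs in ifaces.items():
        if any(ip_address(a) == addr for a in addrs):
            return name
    return None


def accepts_weak(ifaces: Dict[str, List[str]], in_if: str, dst: str) -> bool:
    """Weak host model, the behaviour the thread is about: deliver locally
    if dst is any local address, whatever interface the packet came in on.
    So a packet for 127.0.0.1 or for eth1's address arriving on eth0 reaches
    the service."""
    return owner_interface(ifaces, dst) is not None


def accepts_strong(ifaces: Dict[str, List[str]], in_if: str, dst: str) -> bool:
    """Strong host model: dst must belong to the arrival interface itself."""
    return owner_interface(ifaces, dst) == in_if


# A filter rule: (input interface or None for any, negate that interface
# match, destination network, verdict).  Rendered to iptables syntax below.
Rule = Tuple[Optional[str], bool, str, str]


def wrong_interface_drop_rules(ifaces: Dict[str, List[str]]) -> List[Rule]:
    """Rules that make a weak-host stack look like a strong host for inbound
    traffic.  lo is accepted first: locally generated traffic to a local
    address arrives on lo and must not be caught by the drops.  Then 127/8
    and each interface address are dropped on any other interface."""
    rules: List[Rule] = [("lo", False, "0.0.0.0/0", "ACCEPT"),
                         (None, False, "127.0.0.0/8", "DROP")]
    for name, addrs in ifaces.items():
        if name == "lo":
            continue
        for a in addrs:
            rules.append((name, True, f"{a}/32", "DROP"))
    return rules


def render(rule: Rule) -> str:
    """Render one rule as an iptables INPUT-chain command."""
    iface, negated, dst, action = rule
    parts = ["iptables", "-A", "INPUT"]
    if iface is not None:
        parts += (["!"] if negated else []) + ["-i", iface]
    if dst != "0.0.0.0/0":
        parts += ["-d", dst]
    return " ".join(parts + ["-j", action])


def verdict(rules: List[Rule], in_if: str, dst: str) -> str:
    """First-match evaluation like a netfilter chain; no match falls through
    to the chain policy, assumed ACCEPT here."""
    addr = ip_address(dst)
    for iface, negated, net, action in rules:
        if iface is not None and ((iface == in_if) == negated):
            continue            # interface clause does not match
        if addr not in ip_network(net):
            continue
        return action
    return "ACCEPT"


def accepts_hardened(ifaces: Dict[str, List[str]], in_if: str, dst: str) -> bool:
    """A weak-host stack sitting behind the generated rule set."""
    return (verdict(wrong_interface_drop_rules(ifaces), in_if, dst) == "ACCEPT"
            and accepts_weak(ifaces, in_if, dst))


def client_route_command(server_alt_ip: str, server_direct_ip: str) -> str:
    """The client-side trick from the reply: reach the server's alternate
    address via the server interface the client can talk to directly.
    It only works because the server is a weak host."""
    return f"ip route add {server_alt_ip}/32 via {server_direct_ip}"


if __name__ == "__main__":
    for in_if, dst in [("eth0", "127.0.0.1"), ("eth0", "10.0.0.10"),
                       ("eth0", "203.0.113.10"), ("lo", "10.0.0.10")]:
        print(f"{in_if:4} -> {dst:14} weak={accepts_weak(HOST_IFACES, in_if, dst)!s:5} "
              f"strong={accepts_strong(HOST_IFACES, in_if, dst)!s:5} "
              f"hardened={accepts_hardened(HOST_IFACES, in_if, dst)}")
    for r in wrong_interface_drop_rules(HOST_IFACES):
        print(render(r))
    print(client_route_command("10.0.0.10", "203.0.113.10"))
```

Two things worth noticing when running it. First, the hardened rule set deliberately keeps weak behaviour for traffic arriving on lo, since that is how a host talks to its own addresses; only traffic from the wire is restricted. Second, the same rules drop exactly the packets that Neil's client route produces (dst 10.0.0.10 arriving on eth0), so a site that wants both the cross-interface NFS path and the filtering has to add an explicit accept for those clients ahead of the drop rules.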

