Bugtraq mailing list archives
Re: Loopback and multi-homed routing flaw in TCP/IP stack.
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Tue, 6 Mar 2001 13:34:18 +0300
Hello Woody, Monday, March 05, 2001, 10:44:43 PM, you wrote: W> There is a flaw in the TCP/IP stack, such that packets intended for W> loopback and/or local network interfaces, routed via any other W> interface, will be delivered EVEN IF THE MACHINE IS CONFIGURED NOT W> TO BE A GATEWAY (note that in the case of packets destined for the W> loopback interface, we consider this to be a fault no matter how W> the host is configured - see RFC 1122 comments below). This means W> that connections can be made to services that were intended to be W> invisible by virtue of the fact that they were only listening on W> the "inside" of a system. This may lead to further compromise of W> the host and/or connected networks, either via (e.g.) buffer W> overflows or enhanced privileges via access to SOCKS or other W> internal proxies. Windows NT behaves same way - it will accept connection to internal address through external interface even if routing is not enabled (I'm not sure about loopback). Then configuring Cisco routers it's quite common practice to give real address to loopback interface and link this address to few external interfaces. This behavior doesn't violate RFC 1122. And I believe this behavior is correct (imagine host with e.g. few PPTP and L2TP interfaces, some of them may be dynamically addressed. To make access to this host from outside you may want some static internal address, may be linked to loopback, rather then virtual interface or any physical interface, but enabling routing in this case isn't good idea). I believe solution for this problem may be something like ipfw add allow all via lo* ipfw add deny all to 127.0.0.0/8 if you want this behavior to be changed. -- ~/3APA3A Если даже вы получите какое-нибудь письмо, вы все равно не сумеете его прочитать. (Твен)
Current thread:
- Re: Loopback and multi-homed routing flaw in TCP/IP stack., (continued)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Kyle Sparger (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Kurt Seifried (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Neil W Rickert (Mar 05)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Ben Laurie (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. David Litchfield (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Robert Collins (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Lincoln Yeoh (Mar 07)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Ben Laurie (Mar 06)
- Message not available
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Lars Mathiesen (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. David Damerell (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Martin Macok (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. 3APA3A (Mar 07)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. bert hubert (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Crist Clark (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Woody (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Lupe Christoph (Mar 07)