Bugtraq mailing list archives

Broadcast and multi-homed routing condition in TCP/IP stack.


From: Kenny Jansson <kenson () SENTOR SE>
Date: Wed, 7 Mar 2001 16:26:41 +0100

In light of the current discussion about the "Loopback and multi-homed
routing flaw in TCP/IP stack." it's worth mentioning another "condition"
that exists in some TCP/IP stacks.

Some stacks will allow a TCP connection to be established to the broadcast
address configured on any given interface.

FreeBSD has had this behaviour for some time 4.x
up until 2001/03/03 17:39:20 PST when a fix was committed to RELENG_4

OpenBSD also exhibits this behaviour. (Tested on 2.7)

Linux and Solaris don't.

The reason this condition is worth mentioning is for the cases when
you expect a number of external addresses to be exposed and you apply
explicit filtering on those addresses, and wrongly assume that no
other endpoints exist to establish connections to.

Obvious fix of course if running FreeBSD is to update your kernel to
incorporate the committed fix. Obvious workaround is to always practice safe
networking, deny everything, then explicitly allow what should be allowed.


/Kenny
--
Kenny Jansson                        kenson () sentor se
Sentor AB, Västra Strandg. 7B, 753 11 Uppsala, Sweden
phn: +46 (0) 18 65 30 00  | gsm: +46 (0) 70 757 30 01
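
An audit for the filtering gap described in the message above, as an added example that is not part of the original post: it lists interface broadcast addresses that no explicit filter rule covers. The function name, interface names, and addresses are constructed for illustration; the rule list is assumed to be a plain list of filtered destination addresses or networks.

```python
import ipaddress

# Constructed sample data (documentation address ranges, hypothetical names).
SAMPLE_INTERFACES = {
    "fxp0": "192.0.2.10/28",    # external address, filtered by host rule
    "fxp1": "198.51.100.1/24",  # whole subnet is covered by a rule
    "gif0": "203.0.113.4/31",   # point-to-point, no broadcast address
    "fxp2": "2001:db8::1/64",   # IPv6 has no broadcast address
}
SAMPLE_FILTER_TARGETS = ["192.0.2.10", "198.51.100.0/24"]


def uncovered_broadcasts(interfaces, filter_targets):
    """Return (interface, broadcast) pairs that no filter target covers.

    interfaces: mapping of interface name to "address/prefix".
    filter_targets: destination hosts or networks named in explicit rules.
    """
    covered = [ipaddress.ip_network(t, strict=False) for t in filter_targets]
    findings = []
    for name, cidr in sorted(interfaces.items()):
        iface = ipaddress.ip_interface(cidr)
        net = iface.network
        # Only IPv4 subnets shorter than /31 have a directed broadcast address.
        if iface.version != 4 or net.prefixlen >= 31:
            continue
        bcast = net.broadcast_address
        if not any(c.version == 4 and bcast in c for c in covered):
            findings.append((name, str(bcast)))
    return findings


if __name__ == "__main__":
    for name, bcast in uncovered_broadcasts(SAMPLE_INTERFACES,
                                            SAMPLE_FILTER_TARGETS):
        print(f"{name}: broadcast {bcast} is not covered by any filter rule")
```

Under a default-deny ruleset every address is covered implicitly, so the check only matters where rules are written per exposed address.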

