Bugtraq: Re: Loopback and multi-homed routing flaw in TCP/IP stack.


From: Lincoln Yeoh <lyeoh_at_POP.JARING.MY>
Date: Wed, 7 Mar 2001 09:47:15 +0800

At 08:18 PM 06-03-2001 -0000, David Litchfield wrote:
>
>This affects Windows NT as well. I spoke of the exact same problem back in
>the December of 1998 (http://www.securityfocus.com/vdb/bottom.html?vid=1692
>for the BID and http://oliver.efri.hr/~crv/security/bugs/NT/msproxy3.html
>for the details) whereby we could get to the "clean" interface via the
>"dirty" interface on MS Proxy II and from there to the rest of the

Does it really affect Windows NT?

I find if IP forwarding is on, then yes you can ping its 127.0.0.1
interface (this seems expected to me). But if it's off 127.0.0.1 is not
accessible (just like in Windows 9x).

I tested this sometime last year with Linux 2.0.

Recently I found that Linux 2.2 seems to behave strangely - I couldn't
bring down the lo0 interface and ping a remote 127.0.0.1.

FreeBSD 4.2 and Linux 2.0 are indeed vulnerable to this multihome thingy.
In fact I did use this feature for a Linux 2.0 firewall - I used the IPs as
DMZ IPs.

However it appears to me that it would be hard to exploit this from a host
more than one network away.

Cheerio,
Link.
Received on Mar 07 2001
