Security Considerations in a Multihomed Operating Systems

Abstract: This short article presents an interesting behaviour of popular operating systems when multiple network interfaces are being used at the same time. Even if the IP layer forwarding (routing) is disabled some operating systems still deliver spoofed packets to the application not checking if they came from the proper physical interface. This paper verifies and compares the behaviour of three most popular operating systems, i.e. Microsoft Windows, Linux and Apple OS X. The behaviour was verified experimentally. The results show that all tested systems behave differently and there is no agreed way of processing IP traffic. This is an important problem which is not sufficiently documented nor described and may lead to security flaws when improperly interpreted by system administrators.