Linux Kernel Security, Again

Threat level definition

Linux Kernel Security, Again
Jason Miller, 2005-03-16

It's a sad day when an ancient fork bomb attack can still take down most of the latest Linux distributions.

Expand all | Post comment

silly article 2005-03-17
Anonymous (4 replies)

silly article 2005-03-18
Anonymous

silly article 2005-03-18
Anonymous (1 replies)

shouldn't you people already have your boxes secured? 2005-03-18
Anonymous (2 replies)

shouldn't you people already have your boxes secured? 2005-03-19
Anonymous

shouldn't you people already have your boxes secured? 2005-03-23
anon

silly response 2005-03-18
Anonymous

silly comment 2005-03-18
Anonymous (1 replies)

silly article 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-17
Karyl Stein (1 replies)

Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (1 replies)

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-17
Anonymous (3 replies)

Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (3 replies)

Linux Kernel Security, Again 2005-03-17
mrsad (1 replies)

Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (1 replies)

Linux Kernel Security, Again 2005-03-18
Anonymous (2 replies)

Linux Kernel Security, Again 2005-03-18
crf (2 replies)

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-20
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-19
CrossChris

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous

simple fork bomb? 2005-03-17
Anonymous (1 replies)

Simple fork bomb?

1. were your limits rationally set? As in sized for your system. My limit is 4095 (though I REALLY shouldn't do that...)

2. Was your memory limits properly sized? This tends to limit the effect of some fork bombs (fork/exec type) since the memory allocated is shared (copy on write) in a simple fork attack.

3. Do you have a CPU usage limit? This slows some fork bombs by aborting them after the CPU limit is reached.

Once your resource limits are reached, of course you (as the user) shouldn't be able to start more.

You might see if you can login as root... or a different user (which would get a different limit, with a new resource allocation).

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/308/30970#30970

simple fork bomb? 2005-03-17
Jason V. Miller (Author) (3 replies)

simple fork bomb? 2005-03-17
Anonymous

simple fork bomb? 2005-03-17
Anonymous (1 replies)

simple fork bomb? 2005-03-17
Jason V. Miller (Author) (1 replies)

simple fork bomb? 2005-03-18
Stephen Samuel (3 replies)

simple fork bomb? 2005-03-18
Eric F.

simple fork bomb? 2005-03-18
Michael Ayres

simple fork bomb? 2005-03-20
Anonymous

simple fork bomb? 2005-03-20
Anonymous

Linux Kernel Security, Again 2005-03-17
AdamW

Linux Kernel Security, Again 2005-03-17
Todd Knarr

Intended use dictates the limits 2005-03-17
Erik Keller (1 replies)

Intended use dictates the limits 2005-03-17
Jason V. Miller (Author) (4 replies)

Intended use dictates the limits 2005-03-18
Erik Keller (1 replies)

Maybe just use proper distros where needed? 2005-03-20
Michael Shigorin

Intended use dictates the limits 2005-03-18
Jim

Intended use dictates the limits 2005-03-23
Anonymous

Intended use dictates the limits 2005-03-25
Anon

Linux Kernel Security, Again 2005-03-17
Anonymous (2 replies)

Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (1 replies)

LSM is in the standard kernel. 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous (1 replies)

Linux Kernel Security, Again 2005-03-18
Anonymous (1 replies)

Linux Kernel Security, Again 2005-03-19
PaX Team

Once again... 2005-03-18
Anonymous (1 replies)

re: Once again... 2005-03-18
editor

Debian not vulnerable? 2005-03-18
Wilmer van der Gaast (2 replies)

Debian not vulnerable? 2005-03-18
k_the_c

Debian not vulnerable? 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Matthew

Linux Kernel Security, Again 2005-03-18
Gentoo User (1 replies)

Linux Kernel Security, Again 2005-03-18
Another Gentoo User (2 replies)

Linux Kernel Security, Again 2005-03-18
Gentoo/Debian/OpenBSD user (1 replies)

Linux Kernel Security, Again 2005-03-18
Jason V. Miller (Author)

Linux Kernel Security, Again 2005-03-18
gregm

python forkbomb one liner + thoughts 2005-03-18
X

Linux Kernel Security, Again 2005-03-18
FreeBSD user (2 replies)

Linux Kernel Security, Again 2005-03-18
Jason V. Miller (Author)

Linux Kernel Security, Again 2005-03-19
Ryan

Debian IS vulnerable! 2005-03-18
Anonymous (2 replies)

Debian IS vulnerable! 2005-03-18
Anonymous

Debian IS vulnerable! 2005-03-18
Anonymous (2 replies)

Get SuSE 2005-03-18
Anonymous

Debian IS vulnerable! 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Gentoo User

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux only? perhaps across the board problem? Conflict of interest? 2005-03-18
glotfeltys@gmail.com (1 replies)

no conflict, thank-you very much 2005-03-18
editor

Linux Kernel Security, Again 2005-03-18
Angel Freire

Gentoo vulnerable? 2005-03-18
Anonymous (1 replies)

Gentoo vulnerable? 2005-03-18
dk

Linux Kernel Security, Again 2005-03-18
Saltine (1 replies)

Linux Kernel Security, Again 2005-03-20
Anonymous

Linux Kernel Security, Again 2005-03-18
Stef (1 replies)

Linux Kernel Security, Again 2005-03-18
Jason V. Miller (Author)

Jason's opinion is too biased 2005-03-18
Anonymous (2 replies)

Jason's opinion is too biased 2005-03-18
Anonymous

Jason's opinion is too biased 2005-03-18
Jason V. Miller (Author) (1 replies)

Jason's opinion is too biased 2005-03-23
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous

Take the first step author. 2005-03-18
EG (2 replies)

Take the first step author. 2005-03-18
Anonymous (1 replies)

Take the first step author. 2005-03-18
Anonymous

Take the first step author. 2005-03-18
Jason V. Miller (Author)

Solution was?... 2005-03-18
Anonymous (2 replies)

Solution was?... 2005-03-18
Anonymous

Solution was?... 2005-03-19
Anonymous

Not quite a valid criticism... 2005-03-18
Anonymous (2 replies)

Not quite a valid criticism... 2005-03-20
darwin lopez

Not quite a valid criticism... 2005-03-20
Anonymous

Linux^H^H^H^H^HAny Kernel Security, Again 2005-03-18
Anonymous

Silly IDS kid needs to learn C. 2005-03-19
OpenBSD is for Girls

Linux Kernel Security, Again 2005-03-19
Anonymous

Linux Kernel Security, Again 2005-03-19
Anonymous

FC2 vulnerable, too - copy of script enclosed 2005-03-19
Anonymous

Linux Kernel Security 2005-03-19
Anonymous

Does it work on Mac OS X? 2005-03-19
huwr

Fresh FreeBSD 5.3 install 2005-03-20
Anonymous

Gentoo: emerge hardened-dev-sources 2005-03-20
Scoove

Try, disk I/O and mem. alloc 2005-03-20
Bipin Gautam

Solaris 10 vulnerable, too 2005-03-20
Anonymous

Why its Valid! 2005-03-21
Anonymous

Mandrake 10.1 didn't freeze... 2005-03-21
Anonymous

Scaremongering. Not a serious problem. 2005-03-21
Anonymous

DEBIAN 2005-03-21
Anonymous (1 replies)

DEBIAN 2005-03-22
Anonymous (1 replies)

DEBIAN 2005-03-23
Lucio

Linux Kernel Security, Again 2005-03-23
Anonymous

Linux Kernel Security, Again 2005-03-24
Anonymous

PAM 2005-03-24
Maestr0

Linux Kernel Security, Again 2005-03-28
Anonymous

Linux Kernel Security, Again 2005-03-29
Anonymous

Linux Kernel Security, Again 2005-09-01
tcsh

Privacy Statement
Copyright 2009, SecurityFocus