fork bomb attack
Tyler Larson
fedora-devel at tlarson.com
Sat Mar 19 04:23:31 UTC 2005
Michael Schwendt wrote:
>
> The default ulimit on max user processes is so high, it doesn't serve as
> protection. An admin must find much tighter limits to make a box more
> secure against fork bomb DoS attacks.
>
Fork bombs have always been of little concern to admins. They do
relatively little damage and are completely traceable. The perpetrator
does little more than land himself in a lot of hot water. In most cases,
the threat of disciplinary action is enough protection--it's not an
attack that can be launched anonymously.
In the extremely rare case where fork bomb protection is a big enough
concern to warrant reducing the process limits, the administrator can
impose whatever ulimit he wants. However, this is the exception rather
than the rule.
More information about the devel
mailing list