fork bomb attack
Rui Miguel Seabra
rms at 1407.org
Sat Mar 19 12:37:46 UTC 2005
On Fri, 2005-03-18 at 21:23 -0700, Tyler Larson wrote:
> Fork bombs have always been of little concern to admins. They do
> relatively little damage and are completely traceable. The perpetrator
> does little more than land himself in a lot of hot water. In most cases,
> the threat of disciplinary action is enough protection--it's not an
> attack that can be launched anonymously.
They are definitely not of little concern. A fork bomb on the DNS server
launched through some other bug would cause some interesting harm.
> In the extremely rare case where fork bomb protection is a big enough
> concern to warrant reducing the process limits, the administrator can
> impose whatever ulimit he wants. However, this is the exception rather
> than the rule.
Yes. But I don't envisage an user of fedora with 16k processes, do you?
I agree that the limit is insanely high.
Rui
--
+ No matter how much you do, you never do enough -- unknown
+ Whatever you do will be insignificant,
| but it is very important that you do it -- Gandhi
+ So let's do it...?
Please AVOID sending me WORD, EXCEL or POWERPOINT attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20050319/b85acb66/attachment-0002.bin
More information about the devel
mailing list