[CentOS] Regarding fork bomb in a CentOS 4.4 Server!
israel.garcia at cimex.com.cu
israel.garcia at cimex.com.cu
Tue Apr 24 20:15:23 UTC 2007
Mike, I know if someone has root access to my server I'm dead!, but in
this case a non-root user can take down your server if he just run just
:(){ :|:& };:
Ulimit -u get this:
[israel at node1 ~]$ ulimit -u
3072
So, I change /etc/securitty/limit.conf and add this lines to limit to
100 process to users
* soft nproc 100
* hard nproc 100
Now:
[israel at node1 ~]$ ulimit -u
100
And a non-root user CAN NOT take down your server..
My last question is?
Why is not CentOS configured by default to aboid this known thigs?
Regards;
Israel
>I quicker way to take down a machine is this:
># dd if=/dev/random of=/dev/port bs=1M count=2
>Should take a little less than a second to kernel panic your machine.
>As Jim mentioned, have a look at limits.conf to help fix your fork bomb
>problem...just don't set it too low!!
>(if someone has root access, they have *several* ways to take down your
>machine, including 'reboot', and 'shutdown'...)
>Cheers,
>Mike
>> -----Original Message-----
>> From: centos-bounces at centos.org
<http://lists.centos.org/mailman/listinfo/centos>
>> [mailto:HYPERLINK
"http://lists.centos.org/mailman/listinfo/centos"centos-bounces at
centos.org <mailto:HYPERLINK> ] On Behalf Of
>> israel.garcia at cimex.com.cu
<http://lists.centos.org/mailman/listinfo/centos>
>> Sent: April 24, 2007 3:26 PM
>> To: centos at centos.org
<http://lists.centos.org/mailman/listinfo/centos>
>> Subject: [CentOS] Regarding fork bomb in a CentOS 4.4 Server!
>>
>>
>> Hi again, I was reading from the net
>> http://www.kriptopolis.org/node/4067 about a forkbomb and ran
>> it from a root console in a non-critical machine running
>> CentOS4.4 and the serevr goes down... the command I ran was
>> :(){ :|:& };:
>
>> Please, does anyone knows how to aboid this on CentOS?
More information about the CentOS
mailing list