Mike, I know if someone has root access to my server I'm dead!, but in this case a non-root user can take down your server if he just run just :(){ :|:& };:
Ulimit -u get this:
[israel@node1 ~]$ ulimit -u 3072
So, I change /etc/securitty/limit.conf and add this lines to limit to 100 process to users
* soft nproc 100 * hard nproc 100
Now: [israel@node1 ~]$ ulimit -u 100
And a non-root user CAN NOT take down your server..
My last question is?
Why is not CentOS configured by default to aboid this known thigs?
Regards; Israel
I quicker way to take down a machine is this:
# dd if=/dev/random of=/dev/port bs=1M count=2
Should take a little less than a second to kernel panic your machine.
As Jim mentioned, have a look at limits.conf to help fix your fork bomb problem...just don't set it too low!!
(if someone has root access, they have *several* ways to take down your machine, including 'reboot', and 'shutdown'...)
Cheers, Mike
-----Original Message----- From: centos-bounces at centos.org
http://lists.centos.org/mailman/listinfo/centos
[mailto:HYPERLINK
"http://lists.centos.org/mailman/listinfo/centos%22centos-bounces at centos.org mailto:HYPERLINK ] On Behalf Of
israel.garcia at cimex.com.cu
http://lists.centos.org/mailman/listinfo/centos
Sent: April 24, 2007 3:26 PM To: centos at centos.org
http://lists.centos.org/mailman/listinfo/centos
Subject: [CentOS] Regarding fork bomb in a CentOS 4.4 Server!
Hi again, I was reading from the net http://www.kriptopolis.org/node/4067 about a forkbomb and ran it from a root console in a non-critical machine running CentOS4.4 and the serevr goes down... the command I ran was :(){ :|:& };:
Please, does anyone knows how to aboid this on CentOS?