[CentOS] Regarding fork bomb in a CentOS 4.4 Server!

Tue Apr 24 20:15:23 UTC 2007
israel.garcia at cimex.com.cu <israel.garcia at cimex.com.cu>

Mike,  I know if someone has root access to my server I'm dead!, but in
this case a non-root user can take down your server if he just run just
:(){ :|:& };: 

Ulimit -u get this:

[israel at node1 ~]$ ulimit -u
3072


So, I change /etc/securitty/limit.conf and add this lines to limit to
100 process to users

* soft nproc 100
* hard nproc 100

Now:
[israel at node1 ~]$ ulimit -u
100

And a non-root user CAN NOT take down your server..

My last question is?

Why is not CentOS configured by default to aboid this known thigs?

Regards;
Israel


>I quicker way to take down a machine is this:

># dd if=/dev/random of=/dev/port bs=1M count=2

>Should take a little less than a second to kernel panic your machine.


>As Jim mentioned, have a look at limits.conf to help fix your fork bomb
>problem...just don't set it too low!!


>(if someone has root access, they have *several* ways to take down your
>machine, including 'reboot', and 'shutdown'...)

>Cheers,
>Mike

>> -----Original Message-----
>> From: centos-bounces at centos.org
<http://lists.centos.org/mailman/listinfo/centos>  
>> [mailto:HYPERLINK
"http://lists.centos.org/mailman/listinfo/centos"centos-bounces at
centos.org <mailto:HYPERLINK> ] On Behalf Of 
>> israel.garcia at cimex.com.cu
<http://lists.centos.org/mailman/listinfo/centos> 
>> Sent: April 24, 2007 3:26 PM
>> To: centos at centos.org
<http://lists.centos.org/mailman/listinfo/centos> 
>> Subject: [CentOS] Regarding fork bomb in a CentOS 4.4 Server!
>> 
>> 
>> Hi again, I was reading from the net 
>> http://www.kriptopolis.org/node/4067 about a forkbomb and ran 
>> it from a root console  in a non-critical machine running 
>> CentOS4.4 and the serevr goes down... the command I ran was 
>> :(){ :|:& };: 
> 
>> Please, does anyone knows how to aboid this on  CentOS?