[KLUG Members] Fork Bomb in linux

[Mathew Enders]

On Sat, 2005-03-19 at 14:57 -0500, Bruce Smith wrote:
> You realize that an attacker would have to break into your machine in
> order to fork bomb your computer, right?  If that happens, you have more
> to worry about than someone doing a DoS on the box.
> 
I realize that however setting those values would also prevent a memory
leak or a runaway process from bringing the machine to a halt
> 
> 
> > It appearers that most out of the box Linux systems are vulnerable to
> > this attack.  Here is the post from SUSE's security list.
> > 
> > -----------------------------------------------------------------------
> > From: Jim Flanagan <linuxjim at jjfiii.com>
> > To: suse-security at suse.com
> > Subject: [suse-security] Linux and forkbomb - with link
> > Date: Fri, 18 Mar 2005 12:47:51 -0600 (CST)
> > Sorry, my earlier post did not include the link to the story at
> > securityfocus.com
> > 
> > Are any of the currently supported Suse versions susceptible to this
> > forkbomb attack? I'm not very sure what it is, but I'm sure many of you
> > are. I'm running suse 8.2 pro and 9.1 pro.
> > 
> > http://www.securityfocus.com/columnists/308?ref=rssdebia
> > -----------------------------------------------------------------------
> > SUSE's reply was to install ulimit.  However the defaults are the same
> > as if it were not installed with no suggestion of appropriate limits.
> > Would anyone have any suggestions as to appropriate limits for the
> > following system types.
> > Workstation
> > Web Server
> > File Server
> > Print Server
> 
> 
> _______________________________________________
> Members mailing list
> Members at kalamazoolinux.org
> 
-- 
Mathew Enders <mathew.enders at prodigy.net>