Showing posts with the label Fork Bomb

Prevent a fork bomb by limiting user process

A fork bomb is a denial-of-service attack whereby a process continually replicates itself to deplete available system resources. It can be prevented by limiting user processes, which is important for running a stable system. To limit user processes, add a user name, a group, or all users to the /etc/security/limits.conf file and impose process limits.

Understanding the /etc/security/limits.conf file

<domain> can be:
- a user name
- a group name, with @group syntax
- the wildcard *, for the default entry
- the wildcard %, which can also be used with %group syntax, for the maxlogin limit

<type> can have the two values:
- "soft" for enforcing the soft limits
- "hard" for enforcing hard limits

<item> can be one of the following:
- core - limits the core file size (KB)
- data - max data size (KB)
- fsize - maximum filesize (KB)
...

Defusing Fork Bomb

Due to their nature, fork bombs can be difficult to stop once started. Stopping a fork bomb from reproducing further requires the termination of all running copies, which can be difficult to achieve. One problem faced is that a separate program to terminate the fork bomb cannot execute if the process table is fully saturated. The second major problem is that in the time taken between finding the processes to terminate and actually terminating them, more may have been created.

Some fork bombs can be stopped relatively easily. Consider the shell fork bomb:

    : (){ : | : & } ;:

By replacing the function identifier and re-indenting, the code reads:

    bomb () {
        bomb | bomb &
    } ; bomb

The fork bomb in this case is a recursive function that runs in the background, thanks to the ampersand operator. This ensures that the child process does not die and keeps forking new copies of the function, consuming system resources. One important "featur...

In-Depth understanding fork() Bomb ~ :(){ :|:& };:

The concept behind a fork bomb: the processes continually replicate themselves, potentially causing a denial of service.

Can you explain the following bash code or bash fork() bomb?

    :(){ :|:& };:

The fork bomb is a form of denial-of-service (DoS) attack against a Linux-based system. It makes use of the fork operation. :(){ :|:& };: is nothing but a bash function. This function gets executed recursively. It is often used by sysadmins to test user process limitations. Linux process limits can be configured via /etc/security/limits.conf and PAM. Once a successful fork bomb has been activated in a system, it may not be possible to resume normal operation without rebooting the system, as the only solution to a fork bomb is to destroy all instances of it.

WARNING! These examples may crash your computer if executed.

Understanding :(){ :|:& };: fork() bomb code

:() - Defines the function called : . This function accepts no arguments. The syntax for bash fu...