Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

fork bomb protection

5 views
Skip to first unread message

Anders Gjære

unread,
Jan 31, 2002, 2:30:59 PM1/31/02
to
Maybe PAM offer some features for this

anders

# -----Original Message-----
# From: Thedore Knab [mailto:t...@annapolislinux.org]
# Sent: 31. januar 2002 19:22
# To: debia...@lists.debian.org
# Subject: fork bomb protection
#
#
# I am an admin of a Debian woody Linux box for computer science majors.
#
# The machine is running the 2.4.17 kernel with iptables and quotas.
#
# Although I have spent a lot of time securing things, I still
# fear that fork bombs may kill the box.
#
# Is there a way in the 2.4.17 kernel to prevent fork bombs
# from crashing a system ?
#
# I fear the students from the Operating Systems class.
#
# Ted Knab
#
#
# --
# To UNSUBSCRIBE, email to debian-is...@lists.debian.org
# with a subject of "unsubscribe". Trouble? Contact
# listm...@lists.debian.org
#
#


--
To UNSUBSCRIBE, email to debian-is...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org

Russell Coker

unread,
Feb 1, 2002, 2:21:14 PM2/1/02
to
On Fri, 1 Feb 2002 06:16, martin f krafft wrote:
> also sprach Thedore Knab <t...@annapolislinux.org> [2002.01.31.1922 +0100]:
> > Is there a way in the 2.4.17 kernel to prevent fork bombs from crashing
> > a system ?
>
> have a look at the kernel patches at www.grsecurity.net. i believe
> a debian package is in the works.

I first packaged the kernel patch for that in November last year. I have
since passed it on to Jonathan McDowell. See
http://www.earth.li/~noodles/grsec/ .

> but ulimit can also do wonders...

Ulimit is that this person needs.

> > I fear the students from the Operating Systems class.
>

> everyone does. and every students fears the operating systems class :)

Wimps. When in OS class I killed two major time-sharing machines (the main
staff machine and the main student machine) on a Friday night. The student
machine was down for the entire weekend and caused dozens of students to be
unable to complete their assignments on time. ;)

I'd like to teach an OS class at uni. I'd divide the class into two groups.
One group of sys-admins the other hostile-users, then they change sides at
half time. It would be fun for everyone!

--
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page

0 new messages