Re: Fork bombing a Linux machine as a non-root user

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Felipe Alfaro Solana wrote:

I agree... a fork-bomb is a local attack, which is far more powerful than remote attacks, although fork-bomb can only deny service. Once an attacker gets local access to your machine, you're in a very bad position. On point of defense-in-depth is to keep bad guys from gaining local access.

The fork bomb belongs to "resource attacks". There are other (just as efficient) attacks in this category. I showed variation that attacks the combination of virtual memory and disk access (actaully it is attacking disk access, since it really doesn't consume any virtual memory). The fork bomb is hard to perform remotely. The other attack I described (from same category as fork bomb) is possible to perform remotely, if there is exploitable application on the system that you can force into making the system to start swapping aggressivly.


So "fork bomb is local attack" is no excuse for system not being able to defend itself from resouces attacks (which is where specific attack called "fork bomb" belongs).

--
Aleksandar Milivojevic <amilivojevic@xxxxxx>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux