Re: Fork bombing a Linux machine as a non-root user

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: Fork bombing a Linux machine as a non-root user
From: Aleksandar Milivojevic <amilivojevic@xxxxxx>
Date: Mon, 21 Mar 2005 10:42:49 -0600
In-reply-to: <[email protected]>
List-archive: <https://www.redhat.com/archives/fedora-list>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla Thunderbird 1.0-1.1.EL4.centos4 (X11/20050221)

Felipe Alfaro Solana wrote:

I agree... a fork-bomb is a local attack, which is far more powerful than remote attacks, although fork-bomb can only deny service. Once an attacker gets local access to your machine, you're in a very bad position. On point of defense-in-depth is to keep bad guys from gaining local access.

The fork bomb belongs to "resource attacks". There are other (just as efficient) attacks in this category. I showed variation that attacks the combination of virtual memory and disk access (actaully it is attacking disk access, since it really doesn't consume any virtual memory). The fork bomb is hard to perform remotely. The other attack I described (from same category as fork bomb) is possible to perform remotely, if there is exploitable application on the system that you can force into making the system to start swapping aggressivly.

So "fork bomb is local attack" is no excuse for system not being able to defend itself from resouces attacks (which is where specific attack called "fork bomb" belongs).

--
Aleksandar Milivojevic <amilivojevic@xxxxxx>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7

Follow-Ups:
- Re: Fork bombing a Linux machine as a non-root user
  - From: Felipe Alfaro Solana

References:
- Fork bombing a Linux machine as a non-root user
  - From: M.Rudra
- Re: Fork bombing a Linux machine as a non-root user
  - From: Matthew Miller
- Re: Fork bombing a Linux machine as a non-root user
  - From: Scot L. Harris
- Re: Fork bombing a Linux machine as a non-root user
  - From: Dave Jones
- Re: Fork bombing a Linux machine as a non-root user
  - From: Scot L. Harris
- Re: Fork bombing a Linux machine as a non-root user
  - From: Dave Jones
- Re: Fork bombing a Linux machine as a non-root user
  - From: Ow Mun Heng
- Re: Fork bombing a Linux machine as a non-root user
  - From: Les Mikesell
- Re: Fork bombing a Linux machine as a non-root user
  - From: David Curry
- Re: Fork bombing a Linux machine as a non-root user
  - From: Les Mikesell
- Re: Fork bombing a Linux machine as a non-root user
  - From: David Curry
- Re: Fork bombing a Linux machine as a non-root user
  - From: Les Mikesell
- Re: Fork bombing a Linux machine as a non-root user
  - From: Felipe Alfaro Solana

Prev by Date: Udev Audio Disable
Next by Date: Re: Big Brother 1.9c and Fedora Core 3
Previous by thread: Re: Fork bombing a Linux machine as a non-root user
Next by thread: Re: Fork bombing a Linux machine as a non-root user
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]

Powered by Linux