[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
[linux-security] Re: IPMASQ and lock-up of all terminals ----Sum mary and update
- From: Pantalache Dalis-Adrian <dalis electron upit ro>
- To: linux-security redhat com
- Subject: [linux-security] Re: IPMASQ and lock-up of all terminals ----Sum mary and update
- Date: Sat, 8 Apr 2000 10:22:44 +0000 (UCT)
On 3 Apr 2000, Zygo Blaxell wrote:
> >3) Is there a way of directly testing whether I am the victim of an
> >occasionally fork bomb or DOS attack? Is there a way I can correct this?
>
> Logging...lots of logging.
>
> You'd probably notice a fork bomb with tools as basic as 'ps' or 'top'--if
> you got there fast enough. If you're too late...well, you can't ask the
> machine if it's running a fork bomb because it's too busy forking to
> respond to you. ;-)
>
>
A solution is
put in
/etc/pam.d/login
session required /lib/security/pam_limits.so
and in other config pam ex.
/etc/pam.d/ssh
......
then
in /etc/security/limits.conf
* hard nproc 15
read the limits.conf for more
and try a fork bomb
try before zis
#!/bin/sh
$0&$0&
and after modification
15 is the number of the proces per user
--
Pantalache Dalis-Adrian
+---------------------------------+
| Linux Sysadmin |
| |
| dalis electron upit ro |
| dalis agersystems ro |
+---------------------------------+
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]