-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Randall R Schulz schrieb:
Jim,
On Friday 18 March 2005 10:47, Jim Flanagan wrote:
...
Are any of the currently supported Suse versions suseptable to this forkbomb attack? I'm not very sure what it is, but I'm sure many of you are. I'm running suse 8.2 pro and 9.1 pro.
From my SuSE 9.1 Pro:
% ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited file size (blocks, -f) unlimited max locked memory (kbytes, -l) unlimited max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 stack size (kbytes, -s) unlimited cpu time (seconds, -t) unlimited max user processes (-u) 16369 virtual memory (kbytes, -v) unlimited
This suggests the vulnerability exists. Don't ask me to run the forkbomb script, though.
Here's the story at my ISP:
% ulimit -a core file size (blocks) 0 data seg size (kbytes) 20000 file size (blocks) 100000 max locked memory (kbytes) unlimited max memory size (kbytes) 10000 open files 1024 pipe size (512 bytes) 8 stack size (kbytes) 8192 cpu time (seconds) 600 max user processes 7168 virtual memory (kbytes) unlimited
% uname -a Linux bolt.sonic.net 2.4.29-rc2-A-STAND #1 SMP Thu Jan 13 20:54:15 PST 2005 i686 unknown
That looks better, but unless that host has s**tloads of RAM and some kind of CPU throttling, it might still be vulnerable. Definitely don't ask me to attack my own ISP. I need them!
Jim Flanagan
Randall Schulz
So which values do you suggest? Depending if the machine is a server or a workstation with multiple users on it differences have to be made im memory usage and open files. There is nothing said in the article what to do and how to prevent this. There is only a "there is some malice script". Reguards Philippe - -- Diese Nachricht ist digital signiert und enthält weder Siegel noch Unterschrift! Die unaufgeforderte Zusendung einer Werbemail an Privatleute verstößt gegen §1 UWG und 823 I BGB (Beschluß des LG Berlin vom 2.8.1998 Az: 16 O 201/98). Jede kommerzielle Nutzung der übermittelten persönlichen Daten sowie deren Weitergabe an Dritte ist ausdrücklich untersagt! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQD1AwUBQjwUa0Ng1DRVIGjBAQILZwcAhg8TGQS4juk5wNHHMpM10vbEqVcAD7MJ 4en7krIKFUterXprrVFSRqaZQr009LLFtnnMWJHPfn/HeGzTrpgzCoL5DLDwQWhJ di5tR3ReiWBAAyjrJcOc+zD1EIRNLbIRXF8aJLrwkwNCE8bcO8JEID7gFf4OTjIn VC/hCvsVXuJQpkaKyEq+k15e8kWsdZ4F6ktGqqvguK0rKwPSbu4wB7nwWqdBfag3 s+Mauy5oxmaLg7SrK7hqOH4Z0YLmB/NS60IEwfHs9cgdb4zOVc7pXJBDq592VcJs oSdNDEyuK4s= =O4Wi -----END PGP SIGNATURE-----