Mailinglist Archive: opensuse-security (465 mails)

< Previous Next >
Classical DOS attack on Linux
  • From: <martin@xxxxxxxxxxxxxxxxxxxxx>
  • Date: Wed, 19 Dec 2001 08:54:00 +0100 (CET)
  • Message-id: <Pine.LNX.4.33.0112190847310.1860-100000@xxxxxxxxxxxxxxxxxxxxx>

The infamous book "Unix Hater's Handbook"xi gives the following example
of a simple DoS attack (using recursion):

#!/bin/sh
$0 &
exec $0

The author continues: "once they (these attacks) are launched,
the only way to regain control of your Unix system is by pulling
the plug beacuse no one can run the ps command to obtain the
process numbers of the offending processes... No one can even
run the su command to become Superuser!... And best of all,
any Unix user can launcg this attack."

I thought that this type of problems were fixed in Linux (by
limiting child processes etc) and I think that I tested this
variant some years ago and the system refused to "go down".

I therefore got an unpleasant surprise When one of my students
run the following variant

while true ; do
sleep 5000 &
echo "sleep"
done

and got the system on it's knees. I tested the "Hater"
variant and it "worked" too.

The error message given from the system when running the
sleep variant was:

Too many open files in system
cannot redirect standard input from /dev/null: Too many open files in system
./testsleep: /bin/sleep: Too many open files in system

The "classical" script gives similiar messages.

The kernels tested are 2.2.19 and 2.4.10-25 and both
give the same result.

Something for the kernel people to consider???!!!

Best regards
Martin F


< Previous Next >