Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Jose Nazario (joseBIOCSERVER.BIOC.CWRU.EDU)
Date: Mon Apr 02 2001 - 17:15:58 CDT
On Mon, 2 Apr 2001, Gregor Binder wrote:
> OTOH, I think this sort of attack is very interesting. Does anybody have
> a current list of how to protect against those on current UNIX systems?
chose a more robust filesystem (ie a journaled filesystem) or, if its not
journaled, make sure its synchronously mounted. i have done evil things to
my filesystems as a regular user, and found that those situations
(journaled fs's or synchronous mounts) are resistant to big chunks of
> Looking at my SunOS7 box, it seems perfectly possible to me that a
> single, unpriviledged user could exhaust the process table (fork bomb).
POSIX resource limits work well here.
jose nazario josecwru.edu
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)