Even though the Linux platform you develop on is considered very secure, it doesn’t mean it’s 100% guaranteed to be safe. Case in point: the fork bomb.
A fork bomb is a form of denial-of-service attack that uses the fork operation, which is executed recursively and can consume all system resources. The only way to regain control of a fork-bombed system is a reboot, and there’s no guarantee it won’t return.
SEE: Hiring Kit: Network Engineer (TechRepublic Premium)
So, how do you prevent this from happening? You lower the number of processes allowed on your Linux server.
By default, Linux allows 128,038 processes. In order to protect your server from a fork bomb, you must lower that number. It’s actually really simple to do, but you can’t lower the number too much, otherwise you might find your system unusable.
So, how do you lower the number of allowed processes? Let me show you.
First, let’s check to see how many processes are allowed on your system by running the command
ulimit -u. If you see 128,038, your system could be vulnerable to a fork bomb.
Let’s lower that number to 5,000 with the command
ulimit -S -u 5000. If you issue the command
ulimit -u it should now show only 5,000 processes available.
However, to be safe, you want to limit processes by user. To do that, open the limits.conf file with the command
sudo nano /etc/security/limits.conf, and then, add a line at the bottom of the file that looks something like
jack hard nproc 5000. That would limit the user jack to a maximum of 5,000 processes.
Make this change for whatever user you need; just use caution when doing so with system users, as you don’t want to wind up with a system that won’t run properly.
After doing this, reboot your system, and you’re good to go. Congratulations, you’ve just protected your Linux development system from fork bombs.
Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.
Subscribe to the Cybersecurity Insider Newsletter
Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays