17 Mar 2016

Fork Bomb Detector

A fork bomb is a denial-of-service attack on the operating system in which a process continually replicates itself to deplete available resources, causing resource starvation and a slowdown or system crash. The current Linux kernel sets a limit to the maximum process id in the limits.conf system file to prevent such attacks. This would lead to denial of fork calls even to legitimate processes. This kernel functionality goes a step further and identifies a fork bomb by calculating the time between two fork calls along with enforcing a threshold.

Solution

The approach is to develop a loadable kernel module (LKM) that hooks the fork system call to examine whether the call comes from a fork bomb. A call is treated as coming from a fork bomb if the calling process has a process id larger than a predefined system threshold, or if the time elapsed after process creation of the child processes is less than a predetermined period. If the call is made by a potential fork bomb, the process is not allowed to execute the fork system call and the user is notified about the event.

The module once loaded is expected to intercept all fork calls and detect if there is a fork bomb spawning processes. If it detects unusual forking by any process, the process will not be allowed to complete the fork call. The action taken will be logged in syslog.

The project is hosted on GitHub.
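The two checks described above, modelled in userspace C as an added example; this is not the project's module code. The threshold values, the fixed-size table and all function names are assumptions made for illustration, and a real module would take timestamps from a monotonic kernel clock.

```c
#include <stdint.h>
#include <stdio.h>
#define PID_THRESHOLD 30000u      /* assumed threshold, not from the project */
#define MIN_GAP_NS    1000000ull  /* assumed minimum gap between forks: 1 ms */
#define SLOTS         128         /* fixed table; a real module needs eviction */

enum verdict { FORK_ALLOW, FORK_DENY_PID, FORK_DENY_RATE };

struct slot { uint32_t pid; uint64_t last_ns; int used, has_ts; };
static struct slot table[SLOTS];

/* Find or create the slot for pid (linear probing); NULL when the table is full. */
static struct slot *slot_for(uint32_t pid)
{
    for (unsigned i = 0; i < SLOTS; i++) {
        struct slot *s = &table[(pid + i) % SLOTS];
        if (s->used && s->pid == pid) return s;
        if (!s->used) { s->used = 1; s->pid = pid; return s; }
    }
    return NULL;
}

/* Record an event time (own creation or an allowed fork) for pid. */
static void stamp(uint32_t pid, uint64_t now_ns)
{
    struct slot *s = slot_for(pid);
    if (s) { s->last_ns = now_ns; s->has_ts = 1; }
}

/* Verdict for `caller` forking `child` at now_ns (monotonic clock assumed). */
enum verdict on_fork(uint32_t caller, uint32_t child, uint64_t now_ns)
{
    if (caller > PID_THRESHOLD)
        return FORK_DENY_PID;
    struct slot *s = slot_for(caller);
    /* Too soon after the caller's creation or its previous fork: deny. */
    if (s && s->has_ts && now_ns - s->last_ns < MIN_GAP_NS)
        return FORK_DENY_RATE;
    stamp(caller, now_ns);   /* an untracked caller (full table) fails open */
    stamp(child, now_ns);    /* time the child's first fork from its birth */
    return FORK_ALLOW;
}

int main(void)
{
    /* Constructed trace: parent forks, then its child forks 10 us later. */
    printf("%d\n", on_fork(100, 101, 5000000000ull));
    printf("%d\n", on_fork(101, 102, 5000010000ull));
    return 0;
}
```

Stamping the child at creation is what catches the replication pattern: each new copy's first fork is measured from its own birth, so it is denied even though that pid has never forked before.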




16 Mar 2016

Why always type sudo apt-get install when you can shorten it to sagi or magi?

As normal Unix users, we frequently use mundane commands such as sudo apt-get install, sudo apt-get upgrade and sudo apt-get remove. As busy developers, we often need to initialize and commit to git repos. Why don't we abbreviate these commands?

We can easily alias these commands in our .bashrc file and save our precious time for an extra movie for the day :)

In Ubuntu, add your alias to the ~/.bash_aliases file in the below format:

alias abbreviation="Command"

Example: alias sagi="sudo apt-get install"

Now, I just need to type in $ sagi terminator to install terminator :)

If your OS flavor is not Ubuntu, just make the changes in ~/.bashrc and enjoy your extra hours for a good nap or movie.

7 Mar 2016

Fix for Failed to fetch http://dl.google.com/linux/chrome/deb/dists/stable/Release Unable to find expected entry 'main/binary-i386/Packages' in Release file (Wrong sources.list entry or malformed file)

The error occurs because the repos try to fetch the 32-bit version of Chrome, for which Google has stopped support. The solution is to fetch the 64-bit version.

Just execute these two lines and the error is gone. Voila!



sudo sed -i -e 's/deb http/deb [arch=amd64] http/' "/etc/apt/sources.list.d/google-chrome.list"

sudo sed -i -e 's/deb http/deb [arch=amd64] http/' "/opt/google/chrome/cron/google-chrome"