Shell Fork Bomb/Memory Hog Protection Howto

Status
Not open for further replies.

bipinkdas

Verified User
Joined
Nov 23, 2006
Messages
29
Location
India
Hi
In all the security related issues the common word is "Shell Fork Bomb/Memory Hog Protection". I had tried with my friend [google],but get a vague information.Can any body tell me how to enable this wonderful security feature?
 
Hi
In all the security related issues the common word is "Shell Fork Bomb/Memory Hog Protection". I had tried with my friend [google],but get a vague information.Can any body tell me how to enable this wonderful security feature?
Hi.

[root@srv01 ~]# vi /etc/security/limits.conf

srv01 hard nproc 300

Greetings.
 
Yes. The post is old, but the advice, works the same today for a server without windows. I don't like to leave a post without responding to technical details.

Having an nproc limit is important, because this will limit how many times a fork-bomb can replicate. However, having it too low can make your system unstable or even unusable, as new processes will not be able to be created.

A value of 300 is too low for even the most minimal of Window-managers to run more than a few desktop applications and daemons, but is often fine for an X-less server (In fact, 300 is the value that the University of Georgia's Computer Science department used for the undergrad process limit on its Linux servers in 2017.)

300 is ok valor for a server without windows.

Grettings.
 
Status
Not open for further replies.
Back
Top