How To Understand Bash Fork Bomb in Linux

This post will guide you how to understand bash fork bomb in Linux operating systems. How to prevent fork bomb bash script by limiting user’s process in your Linux system.

understand bash fork bomb linux1
What is Fork Bomb


a fork bomb (also called rabbit virus or wabbit) is a denial-of-service attack wherein a process continually replicates itself to deplete available system resources, slowing down or crashing the system due to resource starvation. if you start fork bomb script on your Linux system, and it will spawning new processes on your systems. And these new processes will stay alive in background and keeps eating your system cpu or memory resources until system hungs. Actually, Fork bomb is a function in your bash shell script. and it will call himself recursively. like below codes:

:(){ :|:& };:

Or

bomb(){

bomb | bomb &

}
bomb

How Fork Bomb Script Works


let’s see how to understand the above fork bomb.

bomb(): a line to define a new function called bomb in your shell script.
{ code }: contains the function code
bomb: will call the function “bomb” to execute
&: will put the function call in the background

Preventing Fork Bomb


Fork bombcan be prevented by limiting user processes, and you can defined process limit by adding the following lines into the /etc/security/limits.conf file.

user soft nproc 5000
user hard nproc 5000

Note: user is username for which limits are being defined. and soft and hard are type of limits. nproc is variable for process limit. You should not set the total nuber of processes too low, or your Linux system will be crashed.

then you will see the following output when you execute Fork Bomb script at your shell prompt, type:

$ ./bomb.sh

Outputs:

[devops@mydevops ~]$ ./bomb.sh
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable
./bomb.sh: fork: retry: Resource temporarily unavailable

And you can also use ulimit command with “-S -u ” options to limit user processes, type:

$ sudo ulimit -S -u 5000

Conclusion


You should know that how to understand fork bomb or how to prevent fork bomb to crash your system in your CentOS or RHEL or Ubuntu system.

You might also like:

Sidebar



back to top